We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

GRIT Report Shows 25% Surge in Ransomware Victims

GRIT Report Shows 25% Surge in Ransomware Victims
Author Image Husain Parvez
Husain Parvez Published on 23rd April 2023 Cybersecurity Researcher

GuidePoint Security has released the GuidePoint Research and Intelligence Team’s (GRIT) Q1 2023 Ransomware Report. Within it, GRIT tracked 849 publicly posted ransomware victims claimed by 29 different threat groups in Q1 2023, which is a 25% increase compared to Q4 2022.

Manufacturing, Technology, Education, Banking and Finance, and Healthcare organizations continue to represent the majority of publicly posted ransomware victims. GRIT Lead Analyst Drew Schmitt states, “Based on what we’ve observed during Q1, we assess that more advanced ransomware threat actors will increasingly deploy novel coercive techniques, particularly as the fallout of existing instances generates media coverage and civil lawsuits against affected organizations.”

According to the report, LockBit remains the most prolific ransomware threat group. The rapid and widespread exploitation of a vulnerability in Fortra’s GoAnywhere file-sharing software brought Clop into a leading position. Following LockBit, Vice Society remains the most impactful group targeting the education sector.

The report has shown an increase in the use of novel coercive tactics by numerous prolific ransomware groups following the "double extortion" operations model. This is where critical and sensitive files are not only encrypted by the threat actor, but exfiltrated too. The group can then threaten to leak the data if ransom demands are not fulfilled.

GRIT's analysis has also shown additional observed coercive measures, including Distributed Denial of Service (DDoS) attacks and selective public leaks designed to generate media attention and cause reputational damage to organizations.

The top 5 most active Ransomware Threat Actors are LockBit, Clop, AlphV, Royal, and BianLian, with Manufacturing and Technology continuing to be the most impacted sector. However, the report notably showed a 65% increase in observed victims in the legal industry from Q4 2022 to Q1 2023.

Earlier this month, it was also disclosed that Europe's transportation sector had recently been significantly affected by ransomware and data breaches. According to ENISA's first-ever threat landscape report, ransomware incident reports almost doubled in volume from 13% in 2021 to 25% in 2022. European airports, railways, and road authorities were among the victims of these attacks.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.