This report serves as a beacon of insight, offering a comprehensive analysis of the emerging trends, evolving techniques, varied motivations and techniques employed by threat actors from January 2023 to March 2024. Curated by our globally diverse intelligence team, this report is a testament to Intel 471’s collective commitment to understand your adversaries, expose their tactics and empower you to win the fight against them.

Intel 471 reported 34 ransomware variants were used to conduct 722 attacks from October 2021 to December 2021, an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively.

Intel 471 reported 27 ransomware variants were used to conduct 455 attacks from July 2022 to September 2022, a decrease of 38 attacks from the second quarter of 2022 and 134 from the first quarter of 2022. The daily average of reported LockBit breaches was two - the same trend we observed from the ransomware group in the third and fourth quarters of 2021 and the first and second quarters of 2022.

Intel 471 can help your organization defend against a wide variety of cyber threats by providing deep insights and comprehensive expertise into cybercriminal actors and related activity. This report provides a brief exploration of our unique insight into the cyber underground, highlighting how we can proactively help you stay ahead of the curve, enabling you to fight cybercrime and win.

This report provides a strategic-level overview of threats identified impacting the U.K. and U.K. based businesses, including ransomware and initial access brokers (IABs). as well as common threat actors tactics, techniques and procedures (TTPs) observed.

Our research and collection methods largely are driven by our GIRs, however, we continue to acknowledge that new trends in our reporting, recurring requests for information (FRIs) and other significant activity from or against underground threat actors and/or services are equally important to our research into trending topics.