GRF analysts recently completed the semiannual ransomware report covering the first half of 2024. The report series tracks attacks based on public sources and conversations of threat actors in closed forums. Analysts compiled data on 1,690 successful attacks. Some key findings:

• Manufacturing was the most targeted industry with 280 victims. The next most targeted sector was Commercial Facilities with 215.

• This is the fifth report in a row that Manufacturing has been the most targeted industry.

• LockBit was the most prolific actor with 340 successful attacks despite setbacks from law enforcement’s Operation Cronos.

• The United States was targeted by 64% of all ransomware attacks tracked by GRF analysts, with 14% directed at companies within the EU, followed by 7% targeting the UK.

• Re-extortion has emerged as a complication for both victims and the ransomware-as-a-service business model itself.