Analysis of recorded ransomware attacks between January and March 2022 highlighted LockBit 2.0 and Conti as the two most active ransomware gangs.

While the two gangs accounted for 58% of all incidents, LockBit was more prolific with 38% of ransomware attacks. Conti ransomware group accounted for 20% of ransomware attacks in the same period.

The analysis was recorded by cybersecurity researchers at Digital Shadows. According to the researchers, LockBit leaked the information of more than 200 victims in the first quarter of 2022, the highest number of leaks to date in 2022.

Both PYSA ransomware which is the third most active ransomware group, and REvil seem to have disappeared or stopped working.

New ransomware gangs are however coming up to replace those no longer working. Some of the new ransomware groups include Stormus, Night Sky, Zeon, Pandora, Sugar, and x001xs.

To protect themselves from ransomware attacks, organizations are advised to apply security patches to software and operating systems as quickly as possible.

In addition, organizations must enable multi-factor authentication for all users. This will help provide an additional layer of security.