News SME innovation Security Technology

Unit 42, a research team at Palo Alto Networks, has released its Ransomware Retrospective report showing that the ransomware landscape has seen significant changes and challenges over the past year. The report shows that the manufacturing industry is most affected in the Netherlands; This sector is responsible for 30% of all ransomware attacks.

Read more

Compared to 2,679 messages in 2022, Unit 42 identified 3,998 messages from ransomware leak sites in 2023. This is an increase of approximately 49%. This increase can be explained by high-profile vulnerabilities such as SQL injection for MOVEit and GoAnywhere MFT services. Zero-day attacks for these vulnerabilities caused a spike in ransomware infections by groups like CLOP, LockBit, and ALPHV (BlackCat).

Law enforcement

Moreover, several prominent ransomware groups have disappeared in 2023. Their downfall was caused in part by excessive exposure and aggressive tactics, which attracted the attention of law enforcement agencies and cybersecurity organizations. These ransomware groups were the center of attention, creating additional pressure and operational challenges. Law enforcement efforts have led to great success in disrupting ransomware operations, with some notable groups appearing to have ceased operations by 2023, for example:

Hive: One of the most prolific groups in 2022, shut down in 2023. This operation obtained the group's decryption keys and offered them to victims worldwide, saving victims more than $130 million in potential ransom payments.

Ragnar Locker: Originally started in 2019, has been very active since then. In October 2023, Europol reported a coordinated international law enforcement operation that seized the Ragnar Locker infrastructure. The main perpetrator was then brought to the Paris court.


Law enforcement has worked to provide victims with decryption keys, seize infrastructure, and arrest key threat actors. This way they could prevent ransomware groups from making a lot of money. The outcomes have forced employees to leave these groups and look for more profitable alternatives.

News SME innovation Security Technology