Ransomware & Digital Extortion (R&DE) threat collective LockBit conducted more attacks during Q4 2023 (October-December) than in any other quarter, despite their activity accounting for a significantly reduced proportion of the wider threat landscape’s activity.
It is almost certain that LockBit is benefitting from the December disruption of other R&DE collectives—particularly through procuring affiliates from ALPHV and NoEscape.
A greater proportion of LockBit’s attacks were leveraged against the manufacturing and retail industries in Q4 2023, both of which are above the threat landscape average.