CIO Influence
CIO Influence News Security

Black Kite Unveils Industry’s First Monthly Ransomware Dashboards

Black Kite Unveils Industry’s First Monthly Ransomware Dashboards

Research offers critical insight into top ransomware groups, their victims, and the most common indicators of compromise over the past six months

Black Kite, the leader in third-party cyber risk intelligence, unveiled the industry’s first monthly ransomware dashboard, featuring crucial insights for security teams, media, analysts, and other industry leaders. The resource provides data, graphs, trends, and key insights from Black Kite’s threat intelligence team about the top ransomware groups, their victims, and attack patterns. Black Kite also analyzes the top ransomware indicators to identify common vulnerabilities exploited by active ransomware groups, and using data and machine learning, Black Kite’s Ransomware Susceptibility Index (RSI) paints a comprehensive picture of the industry-specific cyber-risks that organizations face each month.


CIO INFLUENCE News: Sevilla FC Transforms the Player Recruitment Process with the Power of IBM watsonx Generative AI

In December alone, the research team monitored over 360 victims. The most common indicators of compromise were MX and DNS misconfigurations that allowed for spoofing and phishing attacks (266) and in-use services and products with vulnerabilities of high exploitability (233). Additionally, 49% of victims had open RDP or SMB ports publicly visible. Research also revealed that although LockBit continues to dominate the landscape, an emerging ransomware group, WereWolves, entered the top three for the first time.

“Since recently entering the scene, the WereWolves ransomware group has targeted 26 victims in the U.S., Europe, and Russia,” said Ferhat Dikbiyik, head of research at Black Kite. “The group is unusual because it has a full-fledged website that recruits new members and offers a bounty program for security vulnerabilities. It is also unusual to see ransomware groups targeting Russian companies, which we have only witnessed before from short-lived ransomware groups.”

Read More : CIO Influence Interview with Devin Ertel, CISO at Menlo Security

The monthly dashboard has surfaced trends over the past six months, including:

  • LockBit has the biggest share in this set of victims with 21% of victims published by the group.
  • Exploiting vulnerabilities has become the most common method.
  • New groups, including WereWolves, While Play, 8base, and Akira, are putting themselves in the top ranks with an increasing number of victims.
  • The U.S. continues to be the most targeted country. However, there were unusual peaks in some countries, such as Russia, Bulgaria, Iran, and Israel, due to several political conflicts.
  • The manufacturing industry remained one of the top industries targeted and saw an increase in attacks in the second half of the year.
  • There was an increase in attacks on the healthcare and information industries.

“Ransomware gangs are constantly evolving their tactics, and are operating at growing scales in order to get bigger profits from their victims,” said Dikbiyik. “As there is no sign of these attacks slowing down, it’s important to understand these gangs’ motivation and actions in order to have smarter security strategies to prevent attacks. This is why we have created a free resource and will continue to monitor the landscape for trends with industry-wide impact.”

As these groups become more sophisticated, it is imperative that companies understand their risk and are armed with the tools to make informed decisions about their security strategies. Black Kite’s monthly report dashboard provides critical visibility to help connect the dots between ransomware groups’ patterns and their victims so that the bad actors are no longer operating in the shadows.

CIO INFLUENCE News: SAP Security Response Names SecurityBridge’s Research Lab As Top-3 Worldwide; Joris Van De Vis Appointed Lab’s Director

[To share your insights with us, please write to]

Related posts

Bidtellect Crunches Big Data for Smarter Advertising With HPE Ezmeral

CIO Influence News Desk

Mandiant Introduces New Managed Detection and Response Service for Microsoft Defender for Endpoint

CIO Influence News Desk

New Study Shows That Knowledge and Experience Need to Ramp Quickly to Meet the Massive Expectations for Cloud-Native Development

CIO Influence News Desk