Download the report
This report uses data extracted directly from our Ransomware Search and Insights module to demonstrate how ransomware groups operate on the dark web.
We look at the three most prolific groups in 2022 – LockBit, Conti, and BlackCat – to demonstrate just a fraction of what can be gleaned about ransomware operators from dark web intelligence, and how cybersecurity practitioners can practically action this data. Each profile includes a history of the ransomware group, an overview of their tactics, their victimology and noteworthy targets, plus detail on their cybercriminal forum presence, and much more.
Organizations have to keep track of these changes so they are protecting against current and emerging threats, rather than the attack techniques of the past. Gathering intelligence on groups in as real-time as possible gives them the best chance to effectively threat model for a ransomware attack, prepare their defenses, and mitigate their risk. This is where the dark web – and this report – comes in. The dark web is the best source of intelligence on what ransomware groups are doing right now.
Our Director of Threat Intelligence also provides his insights on how you action dark web data on ransomware operators to better protect your business, including the fundamentals of threat modeling, and how you assess a threat using the criteria of “capability, opportunity, and hostile intent”.