Ransomware Attacks on the Rise Around Europe

The Europe Regional Deep Web Report, which emerged with the research of the SOCRadar analyst team, is now available.

Dark web incidents, hacker forum mentions, compromised credentials, and data exposure findings in the European region are included in the report.

What’s in the Report?

SOCRadar, the early warning system for information security, analyzes thousands of deep web resources every day, including hacker forums and social channels. According to the deep web activities targeting Europe between September 1 and September 30, 2021, the report includes information in the following categories:

Deep web mentions
Compromised credentials
Malware/bot-infected users
Highly critical data exposure results

Date of the latest exposure

UK is the Leader With the Most DeepWeb Threats

Compared to the previous reporting period covering August 2021, Russia took the lead as the country where deep web sharing was directed the most, while the United Kingdom rose to first place in September. According to the report dated September 2021, the UK is followed by Russia, Germany, France, and Italy. Italy was not among the top five countries where the most attacks could be directed in the reports of the previous period.

When the report is examined, we can say that the intensity of deep web threats in Europe has almost not changed compared to the previous month.

Ransomware Attacks on the Rise

In August 2021, 21% of deep web posts were related to ransomware attacks, but this rate decreased to 33% during September. After ransomware, data leak with 32% and data leak with 18% in August, while the most dangerous threat for the APAC region was data sale with 34 percent in September.

According to the deep web report dated September 2021, the most cyber threats came from ransomware attacks, with a rate of 33 percent. In August, the same rate was 21 percent.

After ransomware, the most notable data is data sales, which is the second most common form of attack. While 76 percent of data sales consisted of customer data, this rate was followed by sensitive data with 19.5 percent, stealer data with 2.6 percent, and employee data with 1.3 percent.

LockBit is in the Lead

The most active ransomware groups in Europe are LockBit 2.0, Conti, and. Blackmatter.

Threats to Cryptocurrency Exchange Detected in Europe

According to the September 2021 Europe Regional DeepWeb report prepared by SOCRadar, “Unauthorized Access” ranks third among threat landscape with 12 percent. Among them, network access accounts for 44 percent and RDP for 16 percent.

Among the countries in Europe, the first two sectors where cyber threats are most directed were media-entertainment and e-commerce sites in August, while in the newly published report, this ranking was IT and banks.

While the finance, manufacturing and government sectors are watching this data, one of the remarkable points in the European report comes out. While investigating DeepWeb threats in Europe, we see that unlike other regions, “cryptocurrency exchange” and “construction companies” are also under threat.