Read or download the full report here: https://www.kroll.com/en/insights/publications/cyber/threat-intelligence-reports/q1-2023-threat-landscape-ransomware-splinter-swarm-professional-services

00:00 - Intro

03:47 - Spotlight: Sector Analysis

07:18 - Professional Services Targeted by Ransomware

08:05 - Gootloader Case Study

16:02 - Initial Access

19:40 - QAKBOT Case Study

23:13 - Spolight: Ransomware

30:02 - Threat Incident Types

30:49 - QAKBOT and Black Basta Case Study

37:05 - Exfiltration Tools Usage

38:15 - Summary and recommendations

42:10 - Q&A

Watch the Q1 2023 Threat Landscape Virtual Briefing to hear from Kroll’s cyber threat intelligence leaders as they explore key insights gained through cyber incidents handled worldwide in the first quarter of 2023.

In Q1 2023, Kroll observed a 57% increase in the overall targeting of the professional services sector from the end of 2022. Ransomware propelled this increase, as the sector, particularly legal firms, was the most likely target of extortion and encryption attacks in Q1. While well-known ransomware-as-a-service (RaaS) operations such as LockBit continue to dominate the ransomware landscape, Kroll observed a number of lesser-known variants during the quarter, highlighting the number of independent attackers conducting ransomware operations outside of the established RaaS groups.

Read all threat reports from Kroll: https://www.kroll.com/en/insights/publications/cyber/threat-intelligence-reports

Explore Kroll's Cyber Risk blog: https://www.kroll.com/en/insights/publications/cyber

#cyberrisk #threatintelligence #threathunting