<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1354242&amp;fmt=gif">
[DIAGRAM] Why ransomware takedowns don’t always mean lower activity

Webinar Replay

Q1 Ransomware Findings: Ransomware Takedowns ≠ Lower Activity, ScreenConnect Hack, and More


Despite a record-breaking 2023 and the disruption of two major ransomware groups early this year, 2024 has not brought respite from ransomware. With 1,075 leak site victims reported in Q1, this quarter has seen a 21% increase over the same period last year and is the most active first quarter ever recorded on ransomware leak sites. 

How can ransomware rise when two of the most active groups scale back or cease operations? And if takedowns of ransomware groups aren’t the only answer to combating ransomware, what lessons can we learn from recent hacks like ScreenConnect to help organizations stay safe?

Hear from Corvus threat intel and claims experts as they cover the findings of our latest ransomware report:

  • What was behind the recent high-profile disruptions of leading groups LockBit and BlackCat (ALPHV) — and how ransomware activity rose in Q1 anyway

  • The impact of ransomware across various industries, including a spike in healthcare targets

  • Lessons from the ScreenConnect hack for organizations aiming to mitigate the impact of a third-party attack

  • As always, a review of the latest trends and statistics on ransomware from last quarter!

Featured Speakers


Jason Rebholz

Chief Information Security Officer, Corvus Insurance



Ryan Bell

Head of Threat Intelligence, Corvus Insurance



Fayon Atkinson

Cybersecurity Advisor, Corvus Insurance



Reina Dorvilier

Senior Claims Manager, Corvus Insurance


Watch Now