
U.S. Authorities Seize RAMP, a Major Ransomware Marketplace
Read Our Expert Analysis
Create an account or login for free to unlock our expert analysis and key takeaways for this development.
By continuing, you agree to receive marketing communications and our weekly newsletter. You can opt-out at any time.
Recommended for you
Ransomware Shift: Low Payouts Force Return to Encryption and Targeted Disruption
Mass data-theft campaigns have lost their profit edge as corporate resistance to paying ransoms grows, prompting ransomware operators to favor encryption and more disruptive tactics. High-profile law-enforcement seizures of prominent forums (e.g., RAMP) are adding friction for criminals but also driving them into more private, invitation-only channels.
Machine identities missing from ransomware playbooks
Enterprise ransomware playbooks commonly treat credential resets as a human-only control, leaving service accounts, API keys, tokens and certificates intact — a blind spot that accelerates lateral movement and drives recovery costs. Market shifts toward targeted, disruption-focused extortion and faster weaponization via agentic AI make that omission more dangerous: defenders must pair machine-identity governance with identity-first detection and quicker containment to blunt modern ransomware economics.
Ransomware strike at Ingram Micro exposes sensitive records of ~42,500 people
A July ransomware incident at Ingram Micro led to the theft of employment and applicant records for about 42,521 people and service outages that were largely resolved within a week. A threat actor later published roughly 3.5 TB of claimed data; the company is offering two years of identity protection while facing regulatory notification, legal exposure, and heightened supply‑chain scrutiny.

