According to a recent LinkedIn post from ReliaQuest, the company’s threat research team is tracking a sharp increase in Black Basta-style ransomware activity, particularly during March 2026. The post highlights that 32% of such activity seen since May 2025 occurred in that single month, with attackers increasingly targeting executives, managers, and directors.
Claim 30% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
The post suggests that social-engineering driven intrusions are becoming faster and more structured, with some attacks reportedly moving from initial chat contact to malicious script execution in about 12 minutes. ReliaQuest’s research also points to manufacturing and professional, scientific, and technical services as the most frequently targeted sectors so far in 2026, each accounting for 26% of observed incidents.
According to the LinkedIn commentary, threat actors are combining email bombing with Microsoft Teams-based help-desk impersonation, and are relying on tools such as Supremo Remote Desktop and Quick Assist to secure remote access. The post further indicates that this activity is highly likely tied to former Black Basta affiliates who appear to be evolving and operationalizing prior tradecraft at scale.
For investors, this research spotlight underscores persistent and rising cyber risk for enterprise customers, especially in industrial and services verticals where operational disruption can carry high financial impact. The post implies sustained demand for advanced detection, incident response, and security operations services, areas that align with ReliaQuest’s core offerings and could support recurring revenue growth.
If organizations adopt the mitigation steps outlined in the post—such as tighter help-desk verification, stricter controls on remote management tools, and end-to-end attack chain detection—it may require increased security spending and tooling complexity. This environment could reinforce ReliaQuest’s positioning as a managed security and threat research provider, potentially strengthening its competitive standing amid elevated ransomware activity and regulatory pressure around cyber resilience.