>>seydor+(OP)
> Our analysis reveals several notable patterns. First, we observe an increase in the frequency of attacks by Russia-based ransomware groups leading up to elections in several major democracies, with no similar increase in attacks by groups based outside of Russia. Second, companies that withdrew from or suspended operations in Russia following the invasion of Ukraine were more likely to experience ransomware attacks in the months following the invasion, potentially indicating retaliatory motives. Third, we find a decline in the number of daily ransomware attacks after the invasion, which could be attributed to Russia enlisting ransomware operators to support its cyber offensive against Ukraine.
https://cyber.fsi.stanford.edu/news/new-paper-assessing-poli...