The extent and severity of ransomware attacks witnessed an all-time high in 2020 and there’s no reason to believe that it is going to be any different this year. This is not a conjecture, but the constant ransomware attacks have proved this.

What’s going on?

Spirit Airlines was once again hit by the Nefilim ransomware gang. The threat actor published 40GB of stolen data, consisting of more than 33,000 files, on the dark web. The data, moreover, contains sensitive information about transactions made by customers. The first hack was in 2017.

Some stats your way

  • Analysis by Group-IB showed that ransomware incidents surged by 150% in 2020.
  • Not only the attacks grew by number, the average ransom demanded witnessed a hike too; it increased by twofold to $170,000.
  • The most common target, last year, was public-facing RDP servers. And, it doesn’t seem to get any better.

Spilling more facts

  • The REvil ransomware actor has started making calls to business partners of victims and journalists, along with DDoS attacks, as another step to its extortion tactic.
  • A new strain of the Darkside ransomware has emerged that is being claimed by its creators to provide virtual machine targeting, greater encryption speed, and VoIP calling. Dubbed Darkside 2.0, this variant offers multithreading capabilities in Windows and Linux.
  • A security researcher discovered a new ransomware, dubbed Hog, that encrypts victims’ devices and only decrypts them if the victims join the operator’s Discord Server.

Latest attacks

  • REvil has claimed to have attacked nine organizations across the U.S, Mexico, Africa, and Europe, in a span of two weeks.
  • Following the disclosure of the ProxyLogon vulnerabilities, threat actors are now installing the new DEARCRY ransomware after intruding into Microsoft Exchange Servers.

The bottom line

It all comes down to the fact that weak security cannot be tolerated by any organization anymore. Ransomware attacks are surging unchecked and the destructive repercussions cannot be ignored. Follow recommendations made by security experts and stay safe.

Cyware Publisher