Threat actors don’t seem to take a break, especially ransomware operators. Ransomware has evolved to become a massive threat to any business. Gangs such as REvil, DarkSide, and Babuk have made their names in disrupting critical infrastructure. The Advanced Threat Research Report: October 2021 by McAfee found that REvil accounted for 73% of all attacks in Q2 2021.

What did the report find?

  • In Q2, the government sector was the most impacted by ransomware attacks, followed by telecom, energy, and media & communications sectors. 
  • The transformation of cloud security to adapt to the pandemic-related work conditions made space for more exploits and targets. Cloud threat campaigns drastically affected the financial services sector in the last quarter.
  • The U.S. accounted for the highest number of reported incidents at 47%, while Europe witnessed the largest rise in incidents at 52%.
  • Spear-phishing became the topmost initial access vector, followed by abusing public-facing apps and valid accounts.
  • Q2 2021 also witnessed the use of several attacks using PowerShell or Windows Command Shell to deploy malware.

Other findings

The statistics below have been discovered by ESET for T2 2021:
  • Ransomware attacks observed the highest ransom demands to date, with three major spikes.
  • TrickBot displayed significant growth in detections in the infostealer category.
  • While web threats saw a plunge, it was compensated by a rise in malware distributing URLs and phishing.
  • In T2, Android threats such as adware, banking malware, and spyware observed massive growth.

The bottom line

Years of malicious activities have finally put ransomware gangs at the top-tier of cybercrimes. While some gangs were forced to shut down or rebrand, new gangs kept popping up. Not only ransomware, but other threats are growing too. However, following best cyber practices and employing relevant technologies can keep organizations safe from these cyber threats.

Cyware Publisher