REvil is dominating the global ransomware scene

Brazen campaigns could lead to unprecedented action

Cybersecurity experts traced a clear majority (73%) of ransomware detections in Q2 2021 to one group - the REvil gang.

For its October Advanced Threat Research Report, McAfee Enterprise crunched threat data from over a billion sensors across multiple threat vectors around the world.

“Names such as REvil, Ryuk, Babuk, and DarkSide have permeated into public consciousness, linked to disruptions of critical services worldwide. And with good measure, since the cybercriminals behind these groups, as well as others, have been successful at extorting millions of dollars for their personal gain,” noted Raj Samani, McAfee Enterprise fellow and chief scientist.

According to the report, cloud incidents targeting businesses in the US accounted for 34% of incidents recorded in Q2 2021. Notably, even though Europe saw the largest increase in reported incidents (52%), the UK registered a drop of 19% in the same period.

Evolving landscape

According to the researchers, Q2 2021 was an interesting quarter for ransomware as it managed to attract unprecedented attention from the US administration.

In fact, the response to DarkSide’s attack on Colonial Pipeline, and REvil’s campaign against the global IT infrastructure provider Kaseya, caused both groups to halt their operations abruptly.

Interestingly, the fear of repercussions from the authorities even prompted the cybercriminal underground forums that provide safe haven for these cybercriminals to institute a ban on ransomware advertisements.

However, as the report notes, these actions appear to be temporary measures, as REvil has reared its head on the forums once again, while DarkSide seems to have evolved into BlackMatter.

The good news, however, is that the report shows that attacks across several sectors, such as the information and manufacturing sectors, were down.

“Organizations shouldn’t get complacent, however, and should use this as an opportunity to figure out what has worked well and how they could tighten up their defences against future attacks,” suggested Adam Philpott, EMEA President at McAfee Enterprise.

If the threat actors were expecting that the threat of action from the authorities had blown over, they have another thing coming, as US President Joe Biden has announced plans to bring together over 30 countries to jointly tackle the rising ransomware menace.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
