Researchers have recorded a 935% year-on-yr enhance in double extortion attacks, with info from more than 2300 providers posted on to ransomware extortion web-sites.
Group-IB’s Hi-Tech Crime Tendencies 2021/2022 report covers the period from the 2nd 50 % of 2020 to the initial 50 % of 2021.
During that time, an “unholy alliance” of initial obtain brokers and ransomware-as-a-services (RaaS) affiliate plans has led to a surge in breaches, it claimed.
In overall, the number of breach victims on ransomware information leak internet sites surged from 229 in the past reporting period of time to 2371, Group-IB pointed out. In the course of the identical period, the amount of leak internet sites much more than doubled to 28, and the variety of RaaS affiliate marketers elevated 19%, with 21 new groups discovered.
Team-IB warned that, even if target businesses spend the ransom, their details frequently end up on these sites.
Conti was explained to be the most aggressive ransomware team, leaking data on 361 victims (16.5%), followed by Lockbit (251), Avaddon (164), REvil (155) and Pysa (118).
The original obtain broker landscape has also matured substantially around the past year. Group-IB claimed to have found 229 new players in the industry, with the full now standing at 262. The quantity of offers on underground web-sites to promote entry to businesses nearly tripled, from 362 to 1,099.
The amount of sectors impacted by this sort of threats also surged from 20 to 35. People most impacted have been manufacturing (9%), instruction (9%), monetary companies (9%), healthcare (7%), and commerce (7%). The US (30%) was most routinely targeted, followed by France (5%) and the UK (4%).
In other places, cyber-criminals participating in phishing and rip-off affiliate applications pocketed a whole of at the very least $10m over the period of time, though the carding current market shrunk by 26%, from $1.9bn to $1.4bn.
Some parts of this report are sourced from: