Ransomware surged by 150% in 2020 with the normal extortion quantity doubling, in accordance to a new report from Team-IB.
The Singapore-based mostly security agency analyzed over 500 attacks last calendar year to compile its Ransomware Uncovered 2020-2021 report, which maps for the initially time the most typical techniques, approaches and techniques (TTPs) to the MITRE ATT&CK framework.
The ordinary ransom desire stood at $170,000 last year, but teams like Maze, DoppelPaymer, and RagnarLocker averaged involving $1 million and $2 million, it claimed.
This is mainly because of their aim on “big-game hunting” — likely immediately after substantial and normally privately held organizations that are judged loaded adequate to pay massive sums to stay clear of downtime. In fact, the normal ransomware victim suffered 18 days of outages last year, which could have a chilling impact on profits and popularity.
This is also why most of the attacks Group-IB analyzed were focused at North The usa and Europe, wherever most Fortune 500 companies are found.
Even country state teams like North Korea’s Lazarus and China’s APT27 have been finding included, the report claimed.
Even so it was the Maze (20%), Egregor (15%) and Conti (15%) groups that accounted for most of the attacks analyzed by Group-IB.
The Ransomware-as-a-Company (RaaS) product accounted for the the vast majority (64%) of attacks examined for this paper, and 15 new affiliate courses appeared in 2020.
Although the Maze group appeared to bow out in late 2020 whilst law enforcement managed to disrupt variants such as Egregor and Netwalker, new entrants to the sector like Conti and DarkSide were being also speedy to show up in the course of the year.
In a reflection of the shift to mass distant functioning for the duration of the pandemic, more than half (52%) of attacks researched in the report employed publicly accessible RDP servers to gain preliminary access, adopted by phishing (29%) and exploitation of general public-experiencing apps (17%).
Oleg Skulkin, senior electronic forensics analyst at Group-IB, argued that likely ahead RaaS plans would continue to mature, with additional cyber-criminals focusing their initiatives on precise niches such as original network accessibility for resale and details exfiltration.
“The pandemic has catapulted ransomware into the risk landscape of each and every group and has built it the deal with of cybercrime in 2020,” stated Oleg Skulkin, senior digital forensics analyst at Team-IB. “From what utilised to be a rare exercise and an conclusion-consumer concern, ransomware has evolved previous yr into an organized multi-billion market with level of competition inside, marketplace leaders, strategic alliances and various business models. This effective undertaking is only likely to get more substantial from here.”
Some sections of this posting are sourced from: