Ransomware Attacks Soared 150% in 2020
Ransomware surged by 150% in 2020 with the average extortion amount doubling, according to a new report from Group-IB.
The Singapore-based security firm analyzed over 500 attacks last year to compile its Ransomware Uncovered 2020-2021 report, which maps for the first time the most common tactics, techniques and procedures (TTPs) to the MITRE ATT&CK framework.
The average ransom demand stood at $170,000 last year, but groups like Maze, DoppelPaymer, and RagnarLocker averaged between $1 million and $2 million, it claimed.
This is because of their focus on “big-game hunting” — going after large and usually privately held organizations that are judged rich enough to pay large sums to avoid downtime. In fact, the average ransomware victim suffered 18 days of outages last year, which could have a chilling effect on revenue and reputation.
This is also why most of the attacks Group-IB studied were targeted at North America and Europe, where most Fortune 500 firms are located.
Even nation state groups like North Korea’s Lazarus and China’s APT27 have been getting involved, the report claimed.
However it was the Maze (20%), Egregor (15%) and Conti (15%) groups that accounted for most of the attacks analyzed by Group-IB.
The Ransomware-as-a-Service (RaaS) model accounted for the majority (64%) of attacks studied for this paper, and 15 new affiliate programs appeared in 2020.
Although the Maze group appeared to bow out in late 2020 while police managed to disrupt variants such as Egregor and Netwalker, new entrants to the market like Conti and DarkSide were also quick to appear during the year.
In a reflection of the shift to mass remote working during the pandemic, over half (52%) of attacks studied in the report used publicly accessible RDP servers to gain initial access, followed by phishing (29%) and exploitation of public-facing applications (17%).
Oleg Skulkin, senior digital forensics analyst at Group-IB, argued that going forward RaaS programs would continue to grow, with more cyber-criminals focusing their efforts on specific niches such as initial network access for resale and data exfiltration.
“The pandemic has catapulted ransomware into the threat landscape of every organization and has made it the face of cybercrime in 2020,” said Oleg Skulkin, senior digital forensics analyst at Group-IB. “From what used to be a rare practice and an end-user concern, ransomware has evolved last year into an organized multi-billion industry with competition within, market leaders, strategic alliances and various business models. This successful venture is only going to get bigger from here.”
We’re 4tc Managed IT Services
4TC can support you with all the services you need to run your business effectively, from email and domain hosting to fully managing your whole IT infrastructure.
Setting up a great IT infrastructure is just the first step. Keeping it up to date, safe and performing at its peak requires consistent attention.
So we can act as either your IT department or to supplement an existing IT department. We pride ourselves in developing long term relationships that add value to your business with high quality managed support, expert strategic advice, and professional project management.
News Source: https://www.infosecurity-magazine.com/
Tel: 020 7250 3840
124 City Road
Dew Gates The Street