Fueled by crypto, ransomware was involved in 79% of worldwide cybersecurity incidents in the last 18 months of the pandemic, according to a new report
According to a new report released on Monday, ransomware was involved in 79% of global cybersecurity incidents in the past 18 months of the pandemic, with Conti and REvil ransomware attacks leading the way.
According to researchers from global cyber security firm Sophos, cryptocurrency will continue to fuel cybercrimes such as ransomware and malicious cryptomining, and the trend will persist until global cryptocurrencies are better regulated.
The ransomware landscape will grow more modular and uniform in the coming year, with attack “specialists” offering various elements of an attack “as-a-service” and providing playbooks with tools and techniques that allow different adversary groups to carry out nearly identical attacks.
Ransomware-as-a-service (RaaS) was used in some of the year’s most high-profile ransomware attacks, including one against Colonial Pipeline in the United States by a ‘DarkSide’ affiliate.
An affiliate of Conti ransomware leaked the implementation guide provided by the operators, showing the step-by-step tools and techniques that attackers could use to deploy the ransomware.
“Ransomware thrives because of its ability to adapt and innovate,” said Chester Wisniewski, Principal Research Scientist at Sophos.
“In 2021, RaaS developers are investing their time and energy in creating sophisticated code and determining how best to extract the largest payments from victims, insurance companies, and negotiators,” Wisniewski said in a statement.
During 2021, Sophos researchers uncovered cryptominers like Lemon Duck and MrbMiner, which took advantage of newly reported vulnerabilities and targets already breached by ransomware operators to install cryptominers on computers and servers.
According to the report, ransomware attackers' use of different forms of extortion to push victims into paying the ransom is expected to continue and grow in scope and intensity.
“It is no longer enough for organisations to assume they’re safe by simply monitoring security tools and ensuring they are detecting malicious code,” Wisniewski said.