Ransomware is affecting more businesses than ever this year

(Image credit: Shutterstock / song_about_summer)

The number of businesses affected by ransomware is growing rapidly as criminal groups improve their tactics and come up with more sophisticated tools, new research has claimed.

A report from cybersecurity experts Digital Shadows found there had been 47% more compromised businesses in Q2 2021 compared to the first three months of the year.

Ransomware has significantly evolved in recent years, and has now become a “double-extortion” type of attack. In it, criminals don’t just encrypt the data and demand ransom for the decryption key - they also pull the sensitive data out of the company and threaten to release it on the dark web, either for free or for sale, if their demands aren’t met.

As reported by ZDNet, of the 2,600 victims listed on ransomware data leak sites, 740 of them were listed in the second quarter of the year.

The threat landscape is changing rapidly, the report further stated. While some of the more popular, older operators, such as Avaddon, Babuk Locker, DarkSide, and Astro Locker all terminated their operations during this quarter, entirely new groups emerged. Among them - Vice Society, Hive, Prometheus, LV Ransomware, Xing, and Grief - all with their own Dark Web leak sites. 

Ransomware targeting industrial goods firms

The report pulled its information from 31 Dark Web leak sites, and found that in most cases, ransomware operators target companies from the industrial goods and services sector, followed by materials, retail, technology and healthcare.

Retail was particularly popular in Q2, with attacks surging 183% between the two quarters. Conti, Avaddon, PYSA, and REvil were the four most popular variants.

"This is the second consecutive quarter that we have seen Conti as the most active in terms of victims named to their DLS. Conti, believed to be related to the Ryuk ransomware, has consistently and ruthlessly targeted organizations in critical sectors, including emergency services," the report reads. 

Most of the victims are in the US (more than 350). The report’s authors believe ransomware will continue growing into the third quarter of the year, as well.

Via: ZDNet

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.