A new study by Intel 471 shows that just four types of ransomware - Lockbit 2.0, Conti, PYSA and Hive - were used for almost 70 percent of the registered incidents. Over 700 attacks were evaluated - the ransomware LockBit 2.0 was the leader with almost 30 percent.
Ransomware is a problem that has become increasingly relevant over the years. Countless groups are trying to secure their piece of the cake with different types of ransomware using ever new methods and attack vectors. But as in almost all areas of life, there are those who are more successful than others. An investigation by the cyber security experts at Intel 471 has now revealed what these are.
Over 700 ransomware attacks evaluated
722 ransomware attacks were analyzed between October and December 2021. The result: the ransomware LockBit 2.0 alone was used for 29,7 percent of the incidents. This malware became known through prominent victims such as the consulting firm Accenture or the French Ministry of Justice. The Conti Group was in second place, to which 19 percent of the incidents could be attributed. B. was noticed by the attack on the travel company FTI. However, this group has recently been in the press because of an apparently dissatisfied accomplice who kept leaking insider information. PYSA and Hive ransomware accounted for 10,5 and 10,1 percent of attacks, respectively.
Target consumer goods and industrial products
In addition to the originators of the cyber incidents, the security researchers also examined the areas most affected. At the top of the list: consumer goods and industrial products. Almost a quarter of the attacks occurred in this branch, which is a significant increase compared to the previous quarter. This could be due to the fact that consumer goods and industrial products are particularly attractive to cybercriminals, since people rely on them in everyday life. If there are outages here because a service has been encrypted, this can affect a large number of customers, which in turn increases the pressure to pay the ransom. This was also the case in 2020, for example, when the GPS specialist Garmin fell victim to a ransomware attack and customers suddenly no longer had access to the company's services. According to reports, Garmin paid millions at the time to get it back to work.
Production and manufacturing in focus
Manufacturing and manufacturing was the second most affected sector, accounting for 15,9 percent of ransomware attacks. Many manufacturing companies work around the clock and often produce essential goods for daily needs, so here too cybercriminals have leverage with which they can force their victims to pay. Professional services and consulting was the third most affected sector by ransomware with 15,4 percent of incidents, followed by real estate with 11,4 percent. Life sciences and healthcare followed in fifth place. Here, too, the number of attacks has increased significantly. Hospitals in particular are tempting targets, as disruption in this area means patients cannot be treated.
More at 8com.de
About 8com The 8com Cyber Defense Center effectively protects the digital infrastructures of 8coms customers from cyber attacks. It includes security information and event management (SIEM), vulnerability management and professional penetration tests. It also offers the setup and integration of an Information Security Management System (ISMS) including certification according to current standards. Awareness measures, security training and incident response management round off the offer.