In the second quarter of 2021, more than 700 organizations were attacked by ransomware and posted data to data leak sites. New research report From cybersecurity company Digital Shadows.
Of the approximately 2,600 victims listed on the ransomware data breach site, 740 were named in the second quarter of 2021, an increase of 47% compared to the first quarter.
The report records the major events of the quarter. Dark Side Attack on Colonial Pipeline,attack Global meat processor JBS And an increase in law enforcement measures from US and European institutions.
However, Digital Shadows’ Photon Research Team has discovered that other ransomware trends are emerging under the hood. Since the Maze ransomware group contributed to the spread of the concept of data breach sites, double blackmail tactics have become prevalent among the groups that are trying to do the most damage after the attack.
Digital Shadows tracks information posted on 31 dark web leak sites and gives you access to the number of groups that stole data and posted online during a ransomware attack.
According to the report, data from companies in the industrial products and services sector was widespread on dark web leak sites. Construction and materials, retail, technology, and healthcare organizations also dominated the list of attacked organizations.
Ransomware attacks were the largest increase in the retail sector, with Digital Shadows researchers finding an increase of 183% between the first and second quarters.
On the activity side, Conti Group took the lead, followed by Abadon, PYSA and REvil.
“This is the second consecutive quarter we have seen Conti as the most active in terms of the victim named DLS. Conti is believed to be related to backpack ransomware, Consistently and ruthlessly targeting organizations in key sectors, including emergency services, “The report is of the group. Catastrophic attack on Irish medical system..
However, the report states that in the wider ransomware market, many groups have disappeared or emerged out of nowhere. According to Digital Shadows, in the second quarter, Avaddon, Babuk Locker, DarkSide and Astro Locker ransomware groups all grouped closed operations, including Vice Society, Hive, Prometheus, LV Ransomware, Xing and Grief ransomware operations. The group has emerged on its own dark web leak site. ..
The report also states that 60% of victims’ organizations are based in the United States, and only Canada sees a decline in ransomware attacks in the first and second quarters.
In the second quarter, more than 350 US organizations were hit by ransomware, compared to 46 in France, 39 in the UK and 35 in Italy.
The researchers behind the report said in the third quarter Kaseya ransomware attackThe REvil operator used a zero-day vulnerability to compromise over 40 managed service providers.
“Ransomware operations are likely to continue to operate bravely until the third quarter of 2021, with limited potential users and potential revenue streams,” the researchers said. Is writing.
https://www.zdnet.com/article/740-ransomware-victims-named-on-data-leak-sites-in-q2-2021-report/#ftag=RSSbaffb68 740 ransomware victims named on a data breach site in the second quarter of 2021