Ransomware attacks decrease, operators started rebranding


Positive Technologies experts have analyzed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks. However, there’s been an increase in the share of attacks against individuals, and also a rise in attacks involving remote access malware.

ransomware attacks decrease

The number of attacks in Q3 decreased by 4.8% compared to the previous quarter—the first time since the end of 2018 that Positive Technologies has recorded a negative trend. The researchers believe one key reason for the change is the decrease in ransomware attacks and the fact that some major players have quit the stage. This is also why the share of attacks aimed at compromising corporate computers, servers, and network equipment has fallen, from 87% to 75%.

“This year we saw the peak of ransomware attacks in April when 120 attacks were recorded. There were 45 attacks in September, down 63% from the peak in April. The reason is that several large ransomware gangs stopped their operation, and law enforcement agencies started paying more attention to the problem of ransomware attacks (due to recent high-profile attacks),” said Ekaterina Kilyusheva, Head of Research and Analytics, Positive Technologies.

Researchers also noted a trend toward the rebranding of existing ransomware gangs: Some operators are rethinking their preference for the Ransomware as a Service (RaaS) scheme, which carries certain risks from unreliable partners.

Kilyusheva explains: In Q2, we predicted that one of the possible scenarios of ransomware transformation would be that groups abandon the RaaS model in its current form. It is much safer for ransomware operators to hire people who will deliver malware and search for vulnerabilities as permanent ‘employees.’ It will be safer for both parties, as more organized and efficient all-in-one forms of cooperation can be created. In Q3, we saw the first steps in this direction. An additional boost for this transformation is the development of the market of initial access.”

The research shows that although the share of malware attacks on organizations decreased by 22%, the attackers’ appetite for data also led to an increase in the use of remote access trojans. In…

Source…