In order to maximize their earnings, ransomware groups have started focusing their efforts on businesses that pull in over $1 billion in revenue, new research has claimed.
Studying more than two dozen ransomware operators, a report from cybersecurity vendor Trend Micro highlighted that the Nefilim gang has managed to extort the highest revenue thanks to its “ruthless focus” on the billion-dollar corporations.
“Modern ransomware attacks are highly targeted, adaptable and stealthy – using proven approaches perfected by APT [advanced persistent threat] groups in the past. By stealing data and locking key systems, groups like Nefilim look to extort highly profitable global organizations,” said Bob McArdle, director of cybercrime research for Trend Micro.
The report provides an insight into the inner-workings of modern ransomware attacks and suggests how advanced threat detection and response platforms can help stop them.
It also looks at their evolution and reveals how ransomware groups manage to operate under the radar, in order to unravel the workings of what Trend Micro refers to as a fast-growing underground economy.
The report also reveals learning based on the study of over two dozen ransomware gangs.
Of the 16 ransomware groups the report studied between March 2020 and January 2021, the Conti, Doppelpaymer, Egregor and REvil gangs led the way in terms of number of victims exposed, while at 5TB Cl0p had the most stolen data hosted online.
To better describe the current generation of ransomware, the report takes a deepdive inside the Nefilim ransomware gang, which it says is one of the less-studied ransomware families and “offers a good look into the modus operandi of modern ransomware.”
“The current situation is as good as it gets for experts on the defensive side. This is the new benchmark — and cybersecurity and professionalism will only get better from here,” the report suggests.