Advanced Threat Research Report October 2021
As 2021 progressed through its second quarter and into the third, cyber criminals introduced new—and updated—threats and tactics in campaigns targeting prominent sectors. Ransomware campaigns maintained their prevalence while evolving their business models to extract valuable data and millions in ransoms from enterprises big and small.
DarkSide's highly publicized attack on Colonial Pipeline's gas distribution dominated cybersecurity headlines in May. MVISION Insights quickly identified DarkSide's early prevalence of targets within the United States, primarily Legal Services, Wholesale and Manufacturing, Oil, Gas, and Chemical sectors.
Shutting down a major U.S. gas supply chain grabbed the attention of public officials and Security Operations Centers, but equally concerning were other ransomware groups operating similar affiliate models. Ryuk, REvil, Babuk, and Cuba ransomware actively deployed business models supporting others' involvement to exploit common entry vectors and similar tools. These, and other groups and their affiliates, exploit common entry vectors and, in many cases, the tools we see being used to move within an environment are the same. Not long after DarkSide's attack, the REvil gang stole the spotlight using a Sodinokibi payload in its ransomware attack on Kaseya, a global IT infrastructure provider. REvil/ Sodinokibi topped our list of ransomware detections in Q2 of 2021.
Download now and read McAfee's Advanced Threat Research Report.
Read More
By submitting this form you agree to McAfee contacting you with marketing-related emails or by telephone. You may unsubscribe at any time. McAfee web sites and communications are subject to their Privacy Notice.
By requesting this resource you agree to our terms of use. All data is protected by our Privacy Notice. If you have any further questions please email dataprotection@techpublishhub.com
Related Categories: AIM, Cloud, Cloud Security, Cloud Storage, ERP, IT Infrastructure, Linux, Machine Learning, Malware, NAS, Network, Network Security, SAN, Server, Software, Spam, Storage
More resources from McAfee
Why Traditional EDR Is Not Working—and What...
If you work in infosec and haven't been living under a rock, you have undoubtedly heard of EDR. EDR, or endpoint detection and response, promises t...
Advanced Threat Research Report October 2021
As 2021 progressed through its second quarter and into the third, cyber criminals introduced new—and updated—threats and tactics in campaigns ...
Cloud Usage in the Financial Services Sector
This survey was created and completed by members of the the Financial Services Stakeholders Platform, a CSA working group whose main objective is t...