Ransomware has effectively become the #1 cyber threat for both business and government: the number of successful attacks last year grew by more than 150% compared with 2019, and the average ransom amount more than doubled to $170,000 in 2020, according to Group-IB's latest report, "Ransomware 2020-2021".
Large corporate networks were at risk first and foremost: targeted ransomware attacks (Big Game Hunting) paralyzed the operations of such giants as Garmin, Canon, Campari, Capcom and Foxconn in 2020. Downtime from a single attack averaged 18 days. Most of the attacks analyzed by Group-IB occurred in North America and Europe, where most of the Fortune 500 companies are located, as well as in Latin America and the Asia-Pacific region.
Maze, DoppelPaymer RagnarLocker — , , $1 000 000 $2 000 000. Conti, Egregor DarkSide « » , , . -5 , Group-IB, Maze, Egregor, Conti, REvil DoppelPaymer. : Egregor Netwalker , Maze 2020 . , 2021 , Group-IB, - .
, « », OldGremlin — Group-IB . 2020 OldGremlin 9 — , , . 2020 OldGremlin — $50 000.
« - , , — , Group-IB. — OldGremline , IT- . RTM, ».
- Ransomware-as-a-Service (« »). , , . . Group-IB DFIR , 64% , 2020 , , RaaS.
2020 — . Group-IB Threat Intelligence & Attribution system 15 -. , Trickbot, Qakbot Dridex, - .
RDP-. 52% , Group-IB DFIR, RDP-, (29%) (17%).
, 13 , , . , , — , , — « » Maze.
, — «», , , (TTP) . TTPs , MITRE ATT&CK®, , , , Group-IB Digital Forensics and Incident Response (DFIR), «- 2020-2021 ».