REvil Most Popular Ransomware Variant in 2021 (So Far)REvil Most Popular Ransomware Variant in 2021 (So Far)

The volume of global cyberattack activity increased 125% in the first half of 2021 compared with the same time frame last year, the Accenture Cyber Investigations, Forensics & Response (CFIR) team reports in a midyear update.

Their data, which stems from aiding clients in cyberattack recovery and response, indicates the triple-digit increase was primarily driven by Web shell activity, targeted ransomware and extortion operations, and supply chain attacks. Ransomware was the largest malware by category (38% of attacks), followed by backdoors (33%), credential stealers (6%), and droppers and launchers (6%), according to the report.

Some findings were consistent with last year: Once again, REvil/Sodinokibi was the most common ransomware variant, at 25% of attacks, followed by Hades (18%), DoppelPaymer (16%), Ryuk (9%), and Egregor (7%). Others made up the last 25% of the variants seen.

Five industries accounted for more than 60% of the total intrusion volume. These include consumer goods and services (21%), industrial (16%), banking (10%), travel and hospitality (9%), and insurance (8%). In terms of geography, the United States was most affected, with 36% of incident volume, followed by the United Kingdom (24%), Australia (11%), Germany (7%), and Italy (7%).

Read the full release and blog post for more findings.