informa
Quick Hits

REvil Most Popular Ransomware Variant in 2021 (So Far)

An increase in global cyberattacks was driven by Web shell activity, targeted ransomware and extortion operations, and supply chain intrusions.

The volume of global cyberattack activity increased 125% in the first half of 2021 compared with the same time frame last year, the Accenture Cyber Investigations, Forensics & Response (CFIR) team reports in a midyear update.

Their data, which stems from aiding clients in cyberattack recovery and response, indicates the triple-digit increase was primarily driven by Web shell activity, targeted ransomware and extortion operations, and supply chain attacks. Ransomware was the largest malware by category (38% of attacks), followed by backdoors (33%), credential stealers (6%), and droppers and launchers (6%), according to the report.

Some findings were consistent with last year: Once again, REvil/Sodinokibi was the most common ransomware variant, at 25% of attacks, followed by Hades (18%), DoppelPaymer (16%), Ryuk (9%), and Egregor (7%). Others made up the last 25% of the variants seen.

Five industries accounted for more than 60% of the total intrusion volume. These include consumer goods and services (21%), industrial (16%), banking (10%), travel and hospitality (9%), and insurance (8%). In terms of geography, the United States was most affected, with 36% of incident volume, followed by the United Kingdom (24%), Australia (11%), Germany (7%), and Italy (7%).

Read the full release and blog post for more findings.

Recommended Reading: