Cyber security company Group-IB have recently published a eye opening report on ransomware – revealing that almost two-thirds of ransomware attacks analysed during 2020 came from cyber criminals operating on a RaaS model.
The report is well worth a read, and provides insightful details on how gangs operate and info to help cyber defence teams thwart attacks. It also includes some great threat hunting and detection tips.
Such is the demand for ransomware as a service, that 15 new ransomware affiliate schemes appeared during 2020, including Thanos, Avaddon, SunCrypt, and many others. Competition among ransomware developers can even lead to the authors providing special deals to wannabe crooks, which is more bad news for potential victims.
Group-IB’s DFIR team has for the first time mapped the most commonly used TTPs in 2020 in accordance with MITRE ATT&CK®.
Here’s a link to the full report: