Ransomware is now going after billion-dollar targets

Report unravels the modus operandi of ransomware gangs

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

In order to maximize their earnings,ransomwaregroups have started focusing their efforts on businesses that pull in over $1 billion in revenue, new research has claimed.

Studying more than two dozen ransomware operators, a report fromcybersecurityvendorTrend Microhighlighted that the Nefilim gang has managed to extort the highest revenue thanks to its “ruthless focus” on the billion-dollar corporations.

“Modern ransomware attacks are highly targeted, adaptable and stealthy – using proven approaches perfected by APT [advanced persistent threat] groups in the past. By stealing data and locking key systems, groups like Nefilim look to extort highly profitable global organizations,” said Bob McArdle, director of cybercrime research for Trend Micro.

The report provides an insight into the inner-workings of modern ransomware attacks and suggests how advanced threat detection and response platforms can help stop them.

It also looks at their evolution and reveals how ransomware groups manage to operate under the radar, in order to unravel the workings of what Trend Micro refers to as a fast-growing underground economy.

Deep dive

Deep dive

The report also reveals learning based on the study of over two dozen ransomware gangs.

Of the 16 ransomware groups the report studied between March 2020 and January 2021, the Conti, Doppelpaymer, Egregor and REvil gangs led the way in terms of number of victims exposed, while at 5TB Cl0p had the most stolen data hosted online.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

To better describe the current generation of ransomware, the report takes a deepdive inside the Nefilim ransomware gang, which it says is one of the less-studied ransomware families and “offers a good look into the modus operandi of modern ransomware.”

“The current situation is as good as it gets for experts on the defensive side. This is the new benchmark — and cybersecurity and professionalism will only get better from here,” the report suggests.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Arcane season 2 finally gave us the huge Caitlyn and Vi moment we’ve been waiting for – and its creators say ‘we couldn’t have done it in season one’