Trends in RaaS operations examined

ZDNet reports that ransomware groups have hit 2,860 major organizations last year, up from 1,460 in 2020, with most of the targeted entities located in the US, Canada, Australia, Germany, France, and Japan. Organizations in the manufacturing, professional services, industrial, technology, retail, and engineering sectors are most vulnerable to ransomware attacks, according to a KELA report. The findings also showed that nearly 40 entities hit by ransomware in 2020 have been attacked by another group last year but there is a possibility that the same initial access vector was used. Ransomware-as-a-service operators may have also started venturing into franchising. "Collaboration can mean that ransomware operators share stolen data with actors behind data leak sites on specific conditions. For operators, it can mean additional profits if the data is sold on a data leak site or simply more intimidating to the victim (or future victims). Aside from collaboration, as between ransomware groups, actors behind these data leak sites can use the same entry vector or attack the same company via different initial access," said researchers.