Sophos has launched a new Threat Intelligence Center where all research related to ransomware gang activity from 2018 to the present is aggregated and will be regularly updated.

For years, Sophos has monitored and reported on the ransomware landscape, building a vast library of insight and analysis. The Ransomware Threat Intelligence Center brings together a curated list of the most important research articles and reports from this period.

Reports cover such ransomware gang activity as Avos Locker, Atom Silo, Avaddon, Black Kingdom and those used in the most high-profile attacks of the past year, such as Conti, Dark Side, Maze and REvil.

Resource centers such as this have become increasingly important as companies buckle under the weight of ransomware attacks. The stakes were recently covered in a CyberRisk Alliance Business Intelligence survey conducted in January 2022 among 300 IT and cybersecurity decision-makers and influencers. Among the study’s key findings:

  • Forty-three percent of respondents suffered at least one ransomware attack during the past two years. Among them, 58% paid a ransom, 29% found their stolen data on the dark web, and 44% suffered financial losses.
  • Thirty-seven percent said they lack an adequate security budget, while 32% believe they’re powerless to prevent ransomware attacks because threat actors are too well-funded and sophisticated.
  • Remote workers and cloud platforms/apps were the three most common attack vectors:
    • Remote worker endpoint (36%)
    • Cloud infrastructure/platform (35%)
    • Cloud app (SaaS): 32%
    • Trusted third-party (25%)
    • DNS (25%)
    • Software supply chain provider/vendor (24%)
  • Exploitable vulnerabilities accounted for the most common initial infection point (63%), followed by privilege escalation (33%), credential exfiltration (32%), and averse mapped shares (27%).
  • Respondents are most concerned about losing access to their org’s sensitive data (70%); Stolen data being sold on the dark web (58%); ransomware gangs gaining privileged access and/or controlling directory services (53%).
  • Companies are not taking the threat lying down: 62% will increase ransomware protection spending.