Ransomware, Threat Management

Sophos launches Ransomware Threat Intelligence Center

Sophos has launched a new Threat Intelligence Center where all research related to ransomware gang activity from 2018 to the present is aggregated and will be regularly updated.

For years, Sophos has monitored and reported on the ransomware landscape, building a vast library of insight and analysis. The Ransomware Threat Intelligence Center brings together a curated list of the most important research articles and reports from this period.

Reports cover such ransomware gang activity as Avos Locker, Atom Silo, Avaddon, Black Kingdom and those used in the most high-profile attacks of the past year, such as Conti, Dark Side, Maze and REvil.

Resource centers such as this have become increasingly important as companies buckle under the weight of ransomware attacks. The stakes were recently covered in a CyberRisk Alliance Business Intelligence survey conducted in January 2022 among 300 IT and cybersecurity decision-makers and influencers. Among the study’s key findings:

  • Forty-three percent of respondents suffered at least one ransomware attack during the past two years. Among them, 58% paid a ransom, 29% found their stolen data on the dark web, and 44% suffered financial losses.
  • Thirty-seven percent said they lack an adequate security budget, while 32% believe they’re powerless to prevent ransomware attacks because threat actors are too well-funded and sophisticated.
  • Remote workers and cloud platforms/apps were the three most common attack vectors:
    • Remote worker endpoint (36%)
    • Cloud infrastructure/platform (35%)
    • Cloud app (SaaS): 32%
    • Trusted third-party (25%)
    • DNS (25%)
    • Software supply chain provider/vendor (24%)
  • Exploitable vulnerabilities accounted for the most common initial infection point (63%), followed by privilege escalation (33%), credential exfiltration (32%), and averse mapped shares (27%).
  • Respondents are most concerned about losing access to their org’s sensitive data (70%); Stolen data being sold on the dark web (58%); ransomware gangs gaining privileged access and/or controlling directory services (53%).
  • Companies are not taking the threat lying down: 62% will increase ransomware protection spending.
Bill Brenner

Bill Brenner is VP of Content Strategy at CyberRisk Alliance — an InfoSec content strategist, researcher, director, tech writer, blogger and community builder. He was formerly director of research at IANS, senior writer/content strategist at Sophos, senior tech writer for Akamai Technology’s Security Intelligence Research Team (Akamai SIRT), managing editor for CSOonline.com and senior writer for SearchSecurity.com.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.