Ransomware Uncovered

The complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®

Get Report


The year 2020 was a difficult one for most people around the world, but the same cannot be said for ransomware groups. While industries and businesses struggled to adapt to a post-pandemic reality, threat actors thrived, attacking bigger targets and demanding more money.

Ransomware-as-a-Service programs began to appear more frequently on underground forums, data exfiltration became an increasingly popular tactic among ransomware operators, and enterprise ransomware operations expanded to include new (and potentially game-changing) participants.

To stand a chance against threat actors in 2021, it is vital to not only understand their latest tactics, techniques, and procedures but also what actions to take to protect against them. Ransomware Uncovered 2020/2021 will give readers an intimate look at each step threat actors take, from initial access to exfiltration.

Extortionists lead the pack

35% of attacks in 2020 were conducted by Maze and its successor Egregor.

Millions, not thousands

It has become normal to see ransom demands in the millions of dollars.

Big Game Hunting boom

State-sponsored threat actors and commodity malware are more actively becoming associated with ransomware operations.

In this report


Explore the newest heat map of ransomware operators’ TTPs

The future threat landscape

Read predictions on how threat actors will act in the coming year


Get tailored lists of mitigations for each tactic and technique

Ransomware operators are less concerned about the industry and more focused on scope and scale… This means that companies such as Garmin, Canon, Campari, Capcom, and Foxconn (which were successfully attacked in 2020) are now at constant risk of being targeted.
Oleg SkulkinLead Digital Forensics Specialist

Get Ransomware Uncovered 2020/2021

Related resources

Download your free copy

Lock like a Pro

Download your free copy

Ransomware Uncovered 2019

Download white paper

Egregor ransomware

Stop Ransomware with Group-IB

Report an incident

24/7 Incident Response Assistance +65 3159-4398

Thank you for the inquiry! We will contact you soon.

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

All you need to know to #StayCyberSafe