Ransomware Uncovered
2020/2021

The complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®

Get Report

Background

The year 2020 was a difficult one for most people around the world, but the same cannot be said for ransomware groups. While industries and businesses struggled to adapt to a post-pandemic reality, threat actors thrived, attacking bigger targets and demanding more money.

Ransomware-as-a-Service programs began to appear more frequently on underground forums, data exfiltration became an increasingly popular tactic among ransomware operators, and enterprise ransomware operations expanded to include new (and potentially game-changing) participants.

To stand a chance against threat actors in 2021, it is vital to not only understand their latest tactics, techniques, and procedures but also what actions to take to protect against them. Ransomware Uncovered 2020/2021 will give readers an intimate look at each step threat actors take, from initial access to exfiltration.

Extortionists lead the pack

35% of attacks in 2020 were conducted by Maze and its successor Egregor.

Millions, not thousands

It has become normal to see ransom demands in the millions of dollars.

Big Game Hunting boom

State-sponsored threat actors and commodity malware are more actively becoming associated with ransomware operations.

In this report

MITRE ATT&CK®

Explore the newest heat map of ransomware operators’ TTPs

The future threat landscape

Read predictions on how threat actors will act in the coming year

Recommendations

Get tailored lists of mitigations for each tactic and technique

Ransomware operators are less concerned about the industry and more focused on scope and scale… This means that companies such as Garmin, Canon, Campari, Capcom, and Foxconn (which were successfully attacked in 2020) are now at constant risk of being targeted.