Prevention
- Security Assessment
- Red Teaming
- Compliance Audit
- Pre-IR Assessment
- Compromise Assessment
- Cyber Education
- GIB Crypto
Ransomware Uncovered
2020/2021
The complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®
View report
Background
The year 2020 was a difficult one for most people around the world, but the same cannot be said for ransomware groups. While industries and businesses struggled to adapt to a post-pandemic reality, threat actors thrived, attacking bigger targets and demanding more money.
Ransomware-as-a-Service programs began to appear more frequently on underground forums, data exfiltration became an increasingly popular tactic among ransomware operators, and enterprise ransomware operations expanded to include new (and potentially game-changing) participants.
To stand a chance against threat actors in 2021, it is vital to not only understand their latest tactics, techniques, and procedures but also what actions to take to protect against them. Ransomware Uncovered 2020/2021 will give readers an intimate look at each step threat actors take, from initial access to exfiltration.
Extortionists lead the pack
35% of attacks in 2020 were conducted by Maze and its successor Egregor.
Millions, not thousands
It has become normal to see ransom demands in the millions of dollars.
Big Game Hunting boom
State-sponsored threat actors and commodity malware are more actively becoming associated with ransomware operations.
In this report
MITRE ATT&CK®
Explore the newest heat map of ransomware operators’ TTPs
The future threat landscape
Read predictions on how threat actors will act in the coming year
Recommendations
Get tailored lists of mitigations for each tactic and technique
Ransomware operators are less concerned about the industry and more focused on scope and scale… This means that companies such as Garmin, Canon, Campari, Capcom, and Foxconn (which were successfully attacked in 2020) are now at constant risk of being targeted.
Oleg SkulkinLead Digital Forensics Specialist
Want to help Group-IB fight ransomware?
Share the malware, TTPs, IOCs, and tools you’ve encountered in your response engagements and we'll send you limited edition Ransomware Uncovered merch!
Related resources
White Paper
Lock like a Pro
Get a look at ProLock, one of the biggest players in Big Game Hunting
White Paper
Ransomware Uncovered 2019
Learn about the TTPs used by threat actors in 2019.
White Paper
Egregor
The Maze gang’s successor may be young, but it has already done serious damage.
White Paper
Lock like a Pro
Get a look at ProLock, one of the biggest players in Big Game Hunting
White Paper
Ransomware Uncovered 2019
Learn about the TTPs used by threat actors in 2019.
White Paper
Egregor
The Maze gang’s successor may be young, but it has already done serious damage.
Download your free copy
Lock like a Pro
Download your free copy
Ransomware Uncovered 2019
Download white paper
Egregor ransomware
Stop Ransomware with Group-IB
Group-IB Threat Hunting Framework
Comprehensive solution to protect corporate network, hunt for threats and respond to even the most complex cyber attacks
Compromise Assessment
Proactively identify suspicious activity and uncover threats before they can damage your environment
Incident Response Retainer
Pre-negotiated statement of work to provide a synergy of proactive and reactive services related to a security inciden
Incident Response Readiness Assessment
Evaluate your IR team and prepare for effective response to stop the cyber security incident within the shortest time