Ransomware Uncovered
2020/2021

The complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®

View report

Background

The year 2020 was a difficult one for most people around the world, but the same cannot be said for ransomware groups. While industries and businesses struggled to adapt to a post-pandemic reality, threat actors thrived, attacking bigger targets and demanding more money.

Ransomware-as-a-Service programs began to appear more frequently on underground forums, data exfiltration became an increasingly popular tactic among ransomware operators, and enterprise ransomware operations expanded to include new (and potentially game-changing) participants.

To stand a chance against threat actors in 2021, it is vital to not only understand their latest tactics, techniques, and procedures but also what actions to take to protect against them. Ransomware Uncovered 2020/2021 will give readers an intimate look at each step threat actors take, from initial access to exfiltration.

Extortionists lead the pack

35% of attacks in 2020 were conducted by Maze and its successor Egregor.


Millions, not thousands

It has become normal to see ransom demands in the millions of dollars.


Big Game Hunting boom

State-sponsored threat actors and commodity malware are more actively becoming associated with ransomware operations.

In this report

MITRE ATT&CK®

Explore the newest heat map of ransomware operators’ TTPs

The future threat landscape

Read predictions on how threat actors will act in the coming year

Recommendations

Get tailored lists of mitigations for each tactic and technique

Ransomware operators are less concerned about the industry and more focused on scope and scale… This means that companies such as Garmin, Canon, Campari, Capcom, and Foxconn (which were successfully attacked in 2020) are now at constant risk of being targeted.
Oleg SkulkinLead Digital Forensics Specialist

Scare off ransomware operators with custom Ransomware Uncovered wallpapers for your PC and phone

Want to help Group-IB fight ransomware?

Share the malware, TTPs, IOCs, and tools you’ve encountered in your response engagements and we'll send you limited edition Ransomware Uncovered merch!

Related resources

Download your free copy

Lock like a Pro

Download your free copy

Ransomware Uncovered 2019

Download white paper

Egregor ransomware

Stop Ransomware with Group-IB

Want to help Group-IB fight ransomware?

Share the malware, TTPs, IOCs, and tools you’ve encountered in your response engagements and we'll send you limited edition Ransomware Uncovered merch!

Report an incident

Get 24/7 incident response assistance from our global team

APAC: +65 3159-3798
Europe: +31 20 226-90-90
EMA: +971 4 508 1605

Thank you for the inquiry! We will contact you soon.
Cookies

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

 
All you need to know to #StayCyberSafe