S2W TALON
SoY (Story of the Year) publishes a report summarizing ransomware’s activity on the Darkweb. The report includes summary of victimized firms, Top 5 targeted countries and industrial sectors, status of dark web forum posts by ransomware operators, etc.
1. 2021 Ransomware Victim Status
- A total of 2,624* victim companies were mentioned on ransomware leak sites based on 49 attack groups that had been updated in the past half of the year
* Remove duplicates and updates that same victims - HQ of ransomware victim companies is the highest in the United States, accounting for 49.4% of the total victimized companies
- Among all ransomware attack groups, Conti accounted for 18.4% of the activity, showing the highest activity
1.1. TOP 5 targeted countries
- 2021.01 ~ 2021.12 — Ransomware targeted countries statistics
- United States — 49.4%
- United Kingdom — 5.2%
- France — 4.9%
- Canada — 4.8%
- Germany — 4.7%
1.2. TOP 5 targeted industrial sectors
- 2021.01 ~ 2021.12 — Ransomware targeted industrial statistics
- Service — 9.2%
- Manufacturer — 8.4%
- Financial — 6.5%
- IT — 6.2%
- Healthcare — 5.6%
1.3. TOP 5 Ransomware
- 2021.01 ~ 2021.12 — Ransomware Operators
- Conti — 18.4%
- LockBit — 18.3%
- Pysa — 6.9%
- Avaddon — 6.6%
- REvil — 5.6%
1.4. Monthly statistics
- During 2021, Conti was the most active ransomware with an average monthly rate of 22.05%.
- On average, 219 ransomware victims occurred per month, the highest in August with 373.
[SoY] 2021 | EN | Story of the Year: Ransomware on the Darkweb was originally published in S2W BLOG on Medium, where people are continuing the conversation by highlighting and responding to this story.
Article Link: [SoY] 2021 | EN | Story of the Year: Ransomware on the Darkweb | by S2W | S2W BLOG | Medium