McAfee sees REvil and DarkSide ransomware surge in Q2

McAfee Enterprise has released its Advanced Threat Research Report: October 2021, examining cybercriminal activity related to ransomware and cloud threats in the second quarter of 2021.

With the shift to a more flexible pandemic workforce and the highly publicised Colonial Pipeline attack, cybercriminals introduced new and updated, threats and tactics in campaigns targeting prominent sectors, such as Government, Financial Services and Entertainment. 

Raj Samani, McAfee Enterprise Fellow and Chief Scientist said, “ransomware has evolved far beyond its origins, and cybercriminals have become smarter and quicker to pivot their tactics alongside a whole host of new bad-actor schemes. Names such as REvil, Ryuk, Babuk, and DarkSide have permeated into public consciousness, linked to disruptions of critical services worldwide. And with good measure, since the cybercriminals behind these groups, as well as others, have been successful at extorting millions of dollars for their personal gain.” 

Each quarter, McAfee assesses the state of the cyber threat landscape based on in-depth research, investigative analysis, and threat data gathered by the McAfee Global Threat Intelligence cloud from over a billion sensors across multiple threat vectors around the world. 

In the second quarter of 2021, McAfee saw the challenges of shifting cloud security to accommodate a more flexible pandemic workforce and an increased workload, which presented cybercriminals with more potential exploits and targets. 

According to McAfee Enterprise Advanced Threat research, in Q2 2021, the following cloud threat incidents and targets ranked high among the top 10 reporting countries (United States, India, Australia, Canada, Brazil, Japan, Mexico, Great Britain, Singapore and Germany): 

  • Financial Services were targeted the most among reported cloud incidents, followed by Healthcare, Manufacturing, Retail, and Professional Services.  
  • Financial Services were targeted in 50% of the top 10 cloud incidents, including incidents in the United States, Singapore, China, France, Canada, and Australia.  
  • Cloud incidents targeting verticals in the United States accounted for 34% of incidents recorded, with a 19% decrease in Great Britain  
  • Most cloud incidents targeting countries were reported in the United States followed by India, Australia, Canada, and Brazil. 
  • Cloud incidents targeting the United States accounted for 52% of incidents recorded. 

Q2 2021 Threat Activity 

Ransomware Focus. The most targeted sector by ransomware in Q2 of 2021 was Government, followed by Telecom, Energy, and Media & Communications.  

Attack vectors. In Q2 2021, malware was the technique used most often in reported incidents. Spam showed the highest increase of reported incidents – 250% -- from Q1 to Q2 2021, followed by Malicious Script with 125% and Malware with 47%. 

Sector Activity. McAfee Enterprise tracked a 64% increase in publicly reported cyber incidents targeting the Public sector during the second quarter of 2021, followed by the Entertainment sector with a 60% increase. Notably, Information/Communication had a 50% decrease in Q2 2011, with Manufacturing down 26%. 

Regions. These incidents surged primarily in the United States and Europe in Q2 2021. The United States experienced the most reported incidents in the second quarter, and Europe saw the largest increases in reported incidents in Q2 with 52%. 

More News
17 hours ago
M-Files unveils enhanced desktop user interface
M-Files has unveiled a new desktop user interface, with an enhanced layout that provides a document management experience. The updated desktop user interface features better information layering, less distraction, and enhanced readability across the M-Files metadata-driven document management platform to improve the user experience.
18 hours ago
Woodbank Group acquires Datatech Systems
Woodbank Office Solutions has acquired Wirral-Based Print Management business, Datatech Systems Ltd, seeing further expansion of the Woodbank Group’s presence in Liverpool and the Wirral.
20 hours ago
Quocirca study tracks rise of employee-centric hybrid workplace
Quocirca has published the third edition of its Global Print 2025 study, analysing how print and digital convergence is shaping today’s workplace. ‘The Future of Work, 2025’ reveals that post-pandemic transformation is proceeding at pace and that the role and requirements of the modern workplace are undergoing fundamental changes.
21 hours ago
Integra Conference promotions to celebrate 25 years
Integra Business Solutions has announced additional price support as a thank you to members coming along to the group’s forthcoming National Conference.  
1 day ago
Post-pandemic cybersecurity focus for Integrity360 Security Roadshow
Integrity360, cyber security services specialist, has announced the agenda for the launch of its Security First Roadshow 2022 which will take place on five different dates, across five different locations around the UK and Ireland.
1 day ago
Mode Solutions and eacs become Espria
A new name has entered the UK-managed services sector with the launch of Espria. The new business brings together Connection Capital-backed Mode Solutions, a provider of turnkey digital managed services with IT Managed Services provider, eacs, which it acquired in June 2022.
1 day ago
Optimising customer experience and business interactions with telecoms
Irrespective of the sector a business works in, the need to stand out from the crowd is critical to gain and retain a competitive edge. No opportunity can be missed to make customers feel valued and unique, especially in crowded, commoditised sectors where options to differentiate one business from another may be more limited.
4 days ago
Nemo Office Club launches Sales Management Training
Nemo Office Club has launched a new Sales Management initiative in partnership with Sandler Training. Primarily available to members of the group, the sessions will also be available to supporting suppliers and dealers’ customers.
4 days ago
VOW to support resellers through new initiatives
VOW Wholesale is increasing support to resellers in the industry by announcing an enhanced suite of initiatives as part of its service offering.
5 days ago
Vectra selects Nuvias Group as sole UK strategic distribution partner
Vectra, experts in AI-driven threat detection and response for hybrid and multi-cloud enterprises has appointed the Nuvias Group as its only strategic distributor across the UK, adding to its existing partnership with Cloud Distribution, a Nuvias Group company.

Login / Sign up