McAfee uncovers top threat trends for Q2, 2021
With the shift to a more flexible pandemic workforce, cyber criminals have introduced new and updated threats and tactics in campaigns targeting prominent sectors, such as government, financial services and entertainment.
This is the key focus of McAfee Enterprise's latest Advanced Threat Research Report: October 2021, which provides insights into ransomware and cloud threats.
According to the report, the second quarter of 2021 was a vibrant quarter for ransomware.
Despite notable shifts in behaviour, McAfee Enterprises global threat network identified a surge in DarkSide attacks from the group upon legal services, wholesale, and manufacturing targets.
Equally concerning to DarkSide's activity were other ransomware groups operating similar affiliate models, including Ryuk, REvil, Babuk, and Cuba, the researchers state.
They deployed business models supporting others' involvement to exploit common entry vectors and similar looks to move within an environment.
In fact, REvil/Sodinokibi topped McAfee's ransomware detections in Q2 of 2021, accounting for 73% of the top 10 ransomware detections.
In the second quarter of 2021, the researchers state they continued to see the challenges of shifting cloud security to accommodate a more flexible pandemic workforce and an increased workload, which presented cyber criminals more potential exploits and targets.
According to McAfee Enterprise research, in the second quarter of 2021 financial services were targeted the most among reported cloud incidents, followed by healthcare, manufacturing, retail, and professional services.
Overall, the most targeted sector by ransomware was government, followed by telecom, energy, media and communications.
On the whole, malware was the technique used most often in reported incidents. Spam showed the highest increase of reported incidents 250% - from Q1 to Q2 2021, followed by malicious script with 125% and malware with 47%.
Finally, McAfee Enterprise tracked a 64% increase in publicly reported cyber incidents targeting the public sector during the second quarter of 2021, followed by the entertainment sector with a 60% increase.
Notably, information/communication had a 50% decrease in Q2 2021, with manufacturing down 26%, the researchers find.
McAfee Enterprise fellow and chief scientist Raj Ramani says, “Ransomware has evolved far beyond its origins, and cybercriminals have become smarter and quicker to pivot their tactics alongside a whole host of new bad-actor schemes.
"Names such as REvil, Ryuk, Babuk, and DarkSide have permeated into public consciousness, linked to disruptions of critical services worldwide. And with good measure, since the cybercriminals behind these groups, as well as others, have been successful at extorting millions of dollars for their personal gain.