Guest post by Tetra Defense
(reprinted with permission)
While it may not seem like it, June 2021 was a quieter month for publicly disclosed ransomware attacks than the month of May.
Attacks in June totaled 171 versus May at 231. Don’t be lulled into a false sense of security — this is just the absolute number of attacks posted to threat actor “dark web” sites. The decrease is perhaps due to the dissolution of particularly active threat actors such as Darkside and Avaddon.
As expected, a number of new groups have taken their place and are quickly gaining momentum. June attacks by new groups already make up 25 percent of the month’s total (PayOrGrief, Prometheus, Unknown, Vice Society and Xing). And, as America learned over the July 4th weekend, well-established groups can still cause widespread damage with a single attack.
The June 2021 Ransomware Round-Up from Tetra Defense is available for download here.
The report, which is compiled by Tetra Defense’s own cyber threat analysts, incident response investigations, and what dark web shame websites (operated by threat actors themselves) are reporting, provides a glimpse into the latest extortion tactics.
Have you checked out The Pro Practice Playbook? This free, online legal resource is chock-full of tips, pointers and checklists for building a safe and successful law practice. Chapters include: Forming Your Firm, Managing Your Firm, Marketing Your Firm, Getting and Keeping Great Clients, Fees and Billing, Expertise, and Technology & Security. The Pro Practice Playbook is free and available 24/7 to all lawyers and firms insured through Alta Pro Insurance Services. Click here to start using The Pro Practice Playbook and all the other benefits of membership in the Alta Pro Risk Purchasing Group (RPG). Get started now.
Geographic Breakdown of Ransomware Attacks
The United States remained the most attacked country making up 52.63 percent percent of total publicly disclosed attacks compared to 45.45 percent in May.
France was the second highest with 9.94 percent of the total, up from 6.06 percent. Canada is third at 5.26percent, and the UK and Brazil take the remaining top spots, each with 4.68 percent of the June total. France’s climb in ransomware attacks is likely explained by a spike in activity by the Everest ransomware group which seems to predominantly post French companies to its site in recent months.
Everest alone released data for 7 victims on its TOR site during the month of June, a significant increase from its observed activity over the prior month. Brazil also unexpectedly moved from a marginal place in May to one of the top spots in June, an increase of 166percent. Most of these attacks originated from Sodinokibi (REvil), the threat actor behind July’s Kaseya ransomware attack, who themselves appear to have geographically diversified their victim pool in June.
If you practice in Wisconsin, Texas, Minnesota, Ohio, Illinois, Indiana or Michigan, you can stay on top of ethics and risk management news by being a member of Alta Pro Lawyers RPG. You’ll get access to free webinars, the Pro Practice Playbook, Reminger ProLink, Ask the Risk Pro and more. Here’s how to join.