Government, followed by Telecom, and Energy were most targeted sector by ransomware in second quarter of 2021, according to a research report by cybersecurity firm McAfee.
(Sign up to our Technology newsletter, Today's Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)
McAfee said there was a 64% increase in publicly reported cyber incidents targeting the public sector during the second quarter of 2021, followed by the Entertainment sector with a 60% increase.
The shift to flexible workforce prompted cyber criminals to launch attacks with updated tactics in campaigns targeting the prominent sectors.
“Ransomware has evolved far beyond its origins, and cybercriminals have become smarter and quicker to pivot their tactics alongside a whole host of new bad-actor schemes,” Raj Samani, McAfee Enterprise fellow and chief scientist said in a statement.
Ransomware increased its dominance with the U.S colonial pipeline attack that halted supply chain and affected much of eastern U.S. The impact of the attack was such that it earned ransomware a place in high-profile cyber agenda for the Biden administration.
McAfee said it identified a rise in attacks from ransomware group DarkSide on legal services, wholesale, and manufacturing targets in the United States. The cybersecurity firm also noted concerning activity from other ransomware groups including Ryuk, REvil, Babuk, and Cuba. REvil/Sodinokibi accounted for 73% of McAfee’s top-10 ransomware detections.
According to Samani, cybercriminals behind these groups, as well as others, have been successful at extorting millions of dollars for their personal gain.
As firms embraced flexible work model, cloud security remained a challenge amid increased workload. This presented cybercriminals with more potential targets. The US saw most cloud threat incident and targets with 52% of the incidents recorded followed by India and Australia.
Among sectors, financial services were targeted the most among reported cloud incidents, followed by Healthcare, and Manufacturing. Malware was used most often in launching attacks.