The most common ransomware in recent months have been Maze, Ryuk and REvil.
Security researchers at Check Point Research have warned of a sharp increase in ransomware attacks in recent months compared to the first half of 2020. According to experts, Maze, Ryuk and REvil (Sodinokibi) became the leaders among the ransomware.
Ransomware attacks increased by 50% in Q3 2020. Maze and Ryuk became the most common ransomware families, with the latter targeting an average of 20 companies every week. Ryuk operators increased their activity in July and focused mainly on medical organizations that are under heavy strain from the coronavirus infection (COVID-19) pandemic and cannot afford to shut down systems.
In the United States, the number of such attacks almost doubled in the third quarter, and in the third quarter they entered the top five most affected countries:
According to the operators of REvil, the group attacked more than 140 wholesale, manufacturing and professional services companies, most of which were located in the United States. According to experts, 36% of the victim organizations paid the ransom to the criminals.
Ransomware attacks have proven to be so lucrative for cybercriminals that the threat has almost no chance of disappearing anytime soon, especially with the development of tactics to steal data and leak or sell it on the darknet.
Backing up data stored offline is still a good practice to ensure faster system recovery after an attack, along with timely security updates and restricting or disabling remote access to a company's intranet.