https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • MSP 501 Rankings
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • MSP 501 Rankings
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Channel Research


Shutterstock

Ransomware

Ransomware Attacks Skyrocketed in 2021, Expect Another Jump in 2022

  • Written by Edward Gately
  • February 21, 2022
After a turbulent year for ransomware operators, similar patterns are showing up this year.

The latest NCC Group research shows ransomware attacks nearly doubled in 2021 with the Conti gang the most prevalent threat actor.

According to the NCC Group’s 2021 Annual Threat Monitor, ransomware attacks jumped almost 93% year over year. Attacks totaled nearly 2,700, compared to fewer than 1,400 in 2020.

This builds on a gradual, but noticeable rise in ransomware attacks since the COVID-19 pandemic began. Ransomware accounted for more than 65% of all incidents dealt with by NCC Group’s global cyber incident response team (CIRT) in 2021.

Throughout the year, attacks were most commonly targeted at the public and industrial sectors, followed by consumers.

The most consistently targeted regions during 2021 were North America and Europe, accounting for 53% and 30% of all attacks, respectively. These regions are densely populated with wealthy organizations. That provides an incentive to threat actors that employ a big-game-hunting methodology. This involves targeting larger enterprise companies knowing they can afford to pay higher ransoms.

Small Number of Ransomware Groups Dominating

Ian Usher is NCC Group‘s deputy global practice lead of strategic threat intelligence.

NCC Group's Ian Usher

NCC Group’s Ian Usher

“The dominance of a small number of ransomware groups was somewhat surprising,” he said. “We were expecting a reduction in activity following the international law enforcement attention on ransomware following the high-profile Kaseya and Colonial pipeline incidents. There was a significant drop in activity in June and July, but then we saw Lockbit 2.0 return to the scene, and they and Conti have since dominated the landscape.”

Conti, a Russia-based global threat actor that emerged in 2017, represented 18% of all attacks across the past two years. In line with the general trends, the industrial sector was Conti’s main target. Similarly, in line with general trends, North American businesses topped Conti’s list of targets followed by Europe.

“We reported on the Conti ransomware group in [the third quarter] of 2021 after getting the opportunity to assess leaked playbooks and training materials associated with this group,” Usher said. “What we identified was an operation being run very much like a business enterprise, with thorough recruitment and training processes. This material did not reveal any novel techniques or procedures, so the prominence can only really be attributed to the scale of the operation, which is made possible by the business model.”

Lockbit 2.0 Also Noteworthy

Elsewhere, another notable group that highlighted the changing nature of the vulnerability landscape was the Lockbit threat actor. After a brief hiatus and metamorphosis into Lockbit 2.0 in June 2021, the group became one of the biggest contributors to double extortion ransomware in 2021. It accounted for more than 16% of the entire year’s ransomware cases. This contrasts their activity in 2020, in which they were absent from the list of the top 10 threat actors.

“After a turbulent year for ransomware operators, we’re seeing similar patterns,” Usher said. “In January 2022, we observed a 36.6% decrease in ransomware attacks compared to the month before. But despite this, we also saw significant ransomware-related incidents in Europe. On Jan. 29, ransomware crippled the IT systems of 17 European oil ports, affecting dozens of terminals, oil storage and global transport operations. The targeting of other major critical infrastructures at Zurich Swissport has raised additional concerns around the threats to European businesses, particularly as the EU navigates Russian-Ukrainian tensions. We expect to see ransomware continue to dominate the threat landscape and further international law enforcement efforts aimed at the groups causing the greatest problems.”

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.
Tags: MSPs Strategy Best Practices Channel Research EMEA Security Vertical Markets

Most Recent


  • how to sell more
    Learn How to Sell More Solutions to Clients
    A conversation with MSP Marketing Edge's Paul Green.
  • Partner Program
    Coalesce Partners Gain Revamped Partner Program with Expanded Training, Resources
    Coalesce's data transformation solution is built exclusively for Snowflake Data Cloud.
  • ransomware attacks
    Survey: Backups Are Prime Targets for Ransomware Attacks, Most Remain Exposed
    Veeam’s 2023 Ransomware Trends Report shows many pay ransom but don’t always recover.
  • call for speakers
    Channel Futures Leadership Summit Call for Speakers Open
    Speaker applications for “The New Style of Leadership” are open until July 3.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Chess king, leader
    IBM, Cisco, Trend Micro Among Leaders in Growing Threat Intelligence Market
  • Russia hacker
    The Gately Report: Barracuda MSP Cybersecurity Update, Russian Cyber Threats, Cloudflare M&A
  • Distribution
    The Role of Distributors Is Disrupting the Channel Industry
  • Jay McBain NerdioCon 2022 Cancun
    NerdioCon: Forrester’s Jay McBain Tackles Shifting Business Models

Upcoming Events

View all

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Channel Partners Conference & Expo

March 11, 2024 - March 14, 2024

Galleries

View all

Survey: Backups Are Prime Targets for Ransomware Attacks, Most Remain Exposed

May 26, 2023

Faces of the Partner: 6 New Tech Advisors Entering the Channel

May 26, 2023

Broadcom-VMware, Alibaba Cloud, Red Hat, Google Cloud: A Hefty Roundup

May 24, 2023

Industry Perspectives

View all

Dell Technologies World: Dell Apex Expanded Across On-Premises, Cloud and Edge

May 22, 2023

Identity Is Increasingly Valuable – and Targeted

May 18, 2023

Gaining a Competitive Advantage through AV Managed Services

May 10, 2023

Webinars

View all

From Problem to Profit: Mastering the Science of Selling Using Business Outcomes

May 9, 2023

Meet the 2023 Channel Futures Channel Influencers

April 13, 2023

DE&I Dialogue: How the Right DE&I Initiatives Can Propel Your Business

April 5, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode No. 123: MartinWolf M&A Advisors, CP Expo Preview

UScellular Takes On Rivals with Partner Program Simplicity

April 21, 2023

OpenText Simplifying Deal Registration, Doubling Down on MDF

April 21, 2023

Everything-as-a-Service: CloudBlue Touts Critical Customer Transition

April 18, 2023

Twitter

ChannelFutures

Paul Green @msp_voice will help MSPs gain more #customers and #sales at @ChannelEurop June 13.… twitter.com/i/web/status/1…

May 26, 2023
ChannelFutures

.@coalesceIO unveils revamped partner program. #datatransformation dlvr.it/SphJm4 https://t.co/s7fYAVmFGD

May 26, 2023
ChannelFutures

.@Veeam #Ransomeware survey: backups are not adequately protected, 85% suffered at least 1 attack in past year… twitter.com/i/web/status/1…

May 26, 2023
ChannelFutures

.@MSPSummit call for speakers is open now through July 3. The theme for this year’s summit is “The New Style of Lea… twitter.com/i/web/status/1…

May 26, 2023
ChannelFutures

Channel Futures interviewed six individuals who started an agency in the last two years. dlvr.it/SpgV6l https://t.co/JXKhJcw31A

May 26, 2023
ChannelFutures

Channel Futures interviewed six individuals who started an agency in the last two years. dlvr.it/SpgTQg https://t.co/7eIp0XgwQ2

May 26, 2023
ChannelFutures

Channel Futures interviewed six individuals who started an agency in the last two years. dlvr.it/Spg7JZ https://t.co/ETaeFysCYO

May 26, 2023
ChannelFutures

.@VMware's CFO taking new job at @Workday, board member taking over CFO role. #cloud dlvr.it/SpdNND https://t.co/Nnb1ahZdNG

May 25, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X