[SoY] 2021 | EN | Story of the first half of the year: Ransomware on the Darkweb
Hotsauce | S2W TALON
SoW (Story of the Week) publishes a report summarizing ransomware’s activity on the Darkweb. The report includes summary of victimized firms, Top 5 targeted countries and industrial sectors, status of dark web forum posts by ransomware operators, etc.
1. The first half of the year Status
- A total of 1152 victim companies were mentioned on ransomware leak sites based on 30 attack groups that had been updated in the past half of the year
- HQ of ransomware victim companies is the highest in the United States, accounting for 54.0% of the total victimized companies
- Among all ransomware attack groups, Conti accounted for 22.0% of the activity, showing the highest activity
1.1. TOP 5 targeted countries
- 2021.01 ~ 2021.06 — Ransomware targeted countries statistics
- United States — 54.0%
- France — 6.2%
- United Kingdom — 5.4%
- Canada — 5.3%
- Germany — 4.3%
1.2. TOP 5 targeted industrial sectors
- 2021.01 ~ 2021.06 — Ransomware targeted industrial statistics
- Service — 10.8%
- Manufacturer — 9.7%
- Financial — 7.4%
- Industrials — 6.7%
- Healthcare — 6.3%
1.3. TOP 5 Ransomware
- 2021.01 ~ 2021.06 — Ransomware Operators
- Conti — 22.0%
- Avaddon — 14.9%
- REvil — 11.5%
- Darkside — 6.9%
- DoppelPaymer — 6.1%
1.4. Monthly statistics
- During the first half of the year, Conti was the most active ransomware with an average of 22.05%
- Homepage: https://www.s2w.inc
- Facebook: https://www.facebook.com/S2W
- Twitter: https://twitter.com/S2W_Official