The McAfee Threats Report: June 2021 has revealed a significant drop of 50% in ransomware attacks during the first quarter of 2021. This decline can be attributed to a shift in tactics by threat actors, moving away from mass spread campaigns to targeting fewer, larger organizations with customized ransomware samples.
Traditionally, ransomware attacks involved infecting numerous victims with the same form of ransomware to extort payments. However, this approach is becoming less effective as targeted systems are increasingly able to detect and block such attempts. As a result, threat actors are now focusing on tailored Ransomware-as-a-Service (RaaS) campaigns aimed at bigger and more lucrative targets.
The McAfee report highlighted a decrease in the number of prominent ransomware families from 19 in January 2021 to nine in March 2021. The most prevalent ransomware groups identified in Q1 2021 included REvil, RansomeXX, Ryuk, NetWalker, Thanos, MountLocker, WastedLocker, Conti, Maze, and Babuk strains.
Raj Samani, McAfee fellow and chief scientist, emphasized the evolving nature of cybercriminal techniques, stating that criminals are leveraging RaaS to maximize profits with minimal risk. High-profile ransomware incidents such as those targeting Colonial Pipeline and JBS have resulted in substantial ransom payments.
Additionally, the report highlighted a 117% increase in cryptocurrency-generating coin mining malware, driven by a surge in 64-bit CoinMiner applications. Unlike ransomware, coin mining malware silently uses victims’ systems to mine cryptocurrency without their knowledge, bypassing the need for direct interaction with the victim.
Samani cautioned against restricting or outlawing cryptocurrencies, as cybercriminals will adapt and find new ways to profit from their illicit activities. McAfee detected an average of 688 new malware threats per minute in Q1 2021, representing a 40 threats per minute increase compared to Q4 2020.
In conclusion, the McAfee Threats Report underscores the importance of staying vigilant against evolving cyber threats and the need for organizations to implement robust cybersecurity measures to protect against ransomware and coin mining malware attacks.