REvil Most Popular Ransomware Variant in 2021 (So Far)

An increase in global cyberattacks was driven by Web shell activity, targeted ransomware and extortion operations, and supply chain intrusions.

Dark Reading Staff, Dark Reading

August 4, 2021

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The volume of global cyberattack activity increased 125% in the first half of 2021 compared with the same time frame last year, the Accenture Cyber Investigations, Forensics & Response (CFIR) team reports in a midyear update.

Their data, which stems from aiding clients in cyberattack recovery and response, indicates the triple-digit increase was primarily driven by Web shell activity, targeted ransomware and extortion operations, and supply chain attacks. Ransomware was the largest malware by category (38% of attacks), followed by backdoors (33%), credential stealers (6%), and droppers and launchers (6%), according to the report.

Some findings were consistent with last year: Once again, REvil/Sodinokibi was the most common ransomware variant, at 25% of attacks, followed by Hades (18%), DoppelPaymer (16%), Ryuk (9%), and Egregor (7%). Others made up the last 25% of the variants seen.

Five industries accounted for more than 60% of the total intrusion volume. These include consumer goods and services (21%), industrial (16%), banking (10%), travel and hospitality (9%), and insurance (8%). In terms of geography, the United States was most affected, with 36% of incident volume, followed by the United Kingdom (24%), Australia (11%), Germany (7%), and Italy (7%).

Read the full release and blog post for more findings.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights