Second quarter of 2021 sees huge spike in ransomware

The latest threat report from Nuspire shows that the second quarter of 2021 saw a massive 55,239 percent increase in ransomware activity during the second and third weeks.

This took place just prior to the Colonial Pipeline ransomware attack conducted by the DarkSide ransomware group. The reason for the increase is not known, however, and it may not be related to the attack.

"This quarter, and even this year, we experienced some of the most significant and disruptive ransomware attacks our industry has ever seen," says J.R. Cunningham, Nuspire's chief security officer. "The sophistication of these attacks, and the scope of what’s being attacked just shows that ransomware isn't going anywhere. Ransomware groups continue to become more sophisticated in their attack methods, which is why organizations need to ensure they have the proper controls in place."

Among other findings, Q2 saw malware activity up by 41.84 percent and continuing to be driven by VBA agent activity and a new addition of JS/Valkyr activity. Botnet activity, though, was down by 50 percent compared to Q1, which is likely a result from the impact of the Emotet botnet being closed down and removed from the game.

There has also been a 51 percent decrease in exploit activity compared to Q1, but this is beginning to trend back up into Q3, along with a large increase in SSH Bruteforce activity that hasn't been seen before.

The full report is available from the Nuspire site.

Image Credit: Carlos Amarillo / Shutterstock