VirusTotal Shares Data on Ransomware Activity
Attackers employed around 130 ransomware families in 2020 and the first half of 2021, with the GandCrab variant the most active, according to newly released data from VirusTotal’s first-ever ransomware report.
VirusTotal, which is part of Google, studied some 80 million ransomware samples that had been uploaded to the online malware scanning platform over the past year-and-a-half. Next in line for the most active ransomware families were Babuk, Cerber, Matsnu, Congur, Locky, Teslacrypt, Rkor, and Reveon, according to Google’s VirusTotal report findings.
Some 140 countries submitted samples, led by Israel and then South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran, and the UK.
Ransomware attacks have become a big priority in the US government lately as many high-profile companies (think: Colonial Pipeline) and healthcare organizations have been hit and suffered major operational disruption. Most recently, the US Department of Justice (DoJ) launched the National Cryptocurrency Enforcement Team to crack down on the illegal use of cryptocurrency, the anonymous payment conduit of choice by ransomware operators.
It also announced the Civil Cyber-Fraud Initiative to ensure government contractors disclose their cybersecurity protocols and cyberattacks in order to protect agencies from supply chain-related cyberattacks.