Symantec’s ransomware white paper shows targeted attacks nearly tripled in 2021, with groups like Hive, AvosLocker, and Zeppelin rising as others faded. While overall detections dropped due to fewer mass campaigns, threats to enterprises grew as attackers exploited RDP, Exchange flaws, VPN bugs, and phishing loaders like SquirrelWaffle. Pre-ransomware tools included PsExec, Cobalt Strike, and Mimikatz. Law enforcement takedowns, such as REvil and Emotet, disrupted but did not end operations. Emerging strains like Noberus (Rust-coded) highlight innovation. Mitigation demands Zero Trust, MFA, offline backups, and monitoring dual-use tools to limit lateral movement.

Join for free to read