Ransomware Landscape: REvil Is One of Many Operators
July 21, 2021
September 30, 2021
euroinfosec) •
July 12, 2021
REvil ransom note seen by victims of the ransomware attack involving Kaseya's software (Source: Cisco Talos)
As the Biden administration attempts to force Russia to crack down on domestic cybercriminals, one challenge will be the sheer diversity of attack code being wielded. Another is that any proactive moves Moscow does make will likely require many months to take effect, as will White House efforts to bolster U.S. cybersecurity defenses in the public and private sectors.
For cracking down on individual ransomware operations, one hurdle remains the current threat landscape: As ever, multiple strains of crypto-locking malware are being used by many different attackers - not just operations and affiliates based in Russia - and there's a constant influx of new strains and players, driven by the increasing profits to be obtained via ransomware, and backed by a vibrant cybercrime-as-a-service economy.