Security Experts Witnessed a 55,239% Increase in Ransomware Activity in Q2

JR Cunningham

Nuspire’s Threat Report provides data and insight into malware, exploit and botnet activity throughout Q2 of 2021
COMMERCE, MI. (September 13, 2021) – Nuspire, a leading managed security services provider (MSSP), today announced the release of its 2021 Q2 Quarterly Threat Landscape Report. Sourced from 90 billion traffic logs, the report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from its threat intelligence partner, Recorded Future.

In a recent Forrester podcast, security analysts discuss ransomware attacks becoming more common and more damaging. “Critical infrastructure organizations like hospitals or energy providers are more lucrative targets for attackers because the impact of their shutdown is more immediate and could threaten lives, forcing victims to pay the ransom quickly.”

In Q2 2021, Nuspire security experts witnessed a 55,239% increase in ransomware activity just a few weeks prior to the Colonial Pipeline Ransomware attack conducted by DarkSide Ransomware group. The reason for the increase is not known and it may not be related to Colonial Pipeline, but one can speculate that the increase could be from the same campaign with Colonial Pipeline.

“This quarter, and even this year, we experienced some of the most significant and disruptive ransomware attacks our industry has ever seen,” said J.R. Cunningham, Nuspire Chief Security Officer. “The sophistication of these attacks, and the scope of what’s being attacked just shows that ransomware isn’t going anywhere. Ransomware groups continue to become more sophisticated in their attack methods, which is why organizations need to ensure they have the proper controls in place.”

Additional notable findings from Nuspire’s 2021 Q2 Threat Landscape Report include:

  • Malware activity up 41.84% and continues to be driven by VBA Agent Activity and a new addition of JS/Valkyr activity
  • Botnet activity down -50% from Q1, which is likely a result from the impact of Emotet being removed from the space
  • -51% decrease in exploit activity from Q1, but beginning to trend back up into Q3 as well as a large increase in SSH Bruteforce activity that has not been seen before
    Learn more about protecting your organization from increasing cyber threats and download Nuspire’s 2021 Q2 Threat Landscape Report.