Ransomware Double Extortion 2021: Victim profiling

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

In the period of time between January and May 2021, Ransomware has done nothing but confirmed itself as the primary threat in the global IT security landscape.

The spike in infections and strains that had begun to appear around the end of 2019, has only increased with a consequent evolution of TTPs (Tactics, Techniques, and Procedures) adopted and honed by different groups of Criminal Hackers, which now have evolved into full-fledged Cyber Crime cartels.

In particular double extortion has risen to prominence. With this in mind, Swascan’s SoC as a Service Team has undertaken an analysis of the profiles of the victims targeted by Criminal Hackers.

In particular, through specific OSINT & CLOSINT researches, the data concerning the Ransomware victims who had their data published on the Darkweb has been collected and analysed.

Swascan has studied 18 Ransomware strains which now use Double extortion as their fixture and the sites where the data is published.

The approach was the following:

Identify the Darkweb

Read the article