In 2021, ransomware attacks continued to be one of the most prominent threats targeting businesses and organizations worldwide. High-profile attacks disrupted operations of companies in various sectors, including critical infrastructure (Colonial Pipeline), food processing (JBS Foods), insurance (CNA) and many more. Following the attacks, pressure of law enforcement on ransomware gangs intensified, though simultaneously these threat actors continue to evolve. They not only become more technologically sophisticated but also extensively leverage the growing cybercrime ecosystem aiming to find new partners, services and tools for their operations.
In this report, KELA provides insights into ransomware victims, recaps activity of ransomware groups in 2021 — both in terms of their attacks and presence on cybercrime forums — and shares exclusive findings about collaboration of ransomware actors with other cybercriminals.