Advanced Threat Research Report October 2021

Published by McAfee

 As 2021 progressed through its second quarter and into the third, cyber criminals introduced new—and updated—threats and tactics in campaigns targeting prominent sectors. Ransomware campaigns maintained their prevalence while evolving their business models to extract valuable data and millions in ransoms from enterprises big and small.

 DarkSide’s highly publicized attack on Colonial Pipeline’s gas distribution dominated cybersecurity headlines in May. MVISION Insights quickly identified DarkSide’s early prevalence of targets within the United States, primarily Legal Services, Wholesale and Manufacturing, Oil, Gas, and Chemical sectors.

 Shutting down a major U.S. gas supply chain grabbed the attention of public officials and Security Operations Centers, but equally concerning were other ransomware groups operating similar affiliate models. Ryuk, REvil, Babuk, and Cuba ransomware actively deployed business models supporting others’ involvement to exploit common entry vectors and similar tools. These, and other groups and their affiliates, exploit common entry vectors and, in many cases, the tools we see being used to move within an environment are the same. Not long after DarkSide’s attack, the REvil gang stole the spotlight using a Sodinokibi payload in its ransomware attack on Kaseya, a global IT infrastructure provider. REvil/ Sodinokibi topped our list of ransomware detections in Q2 of 2021.

Download now and read McAfee’s Advanced Threat Research Report.

Download Now


Required fields*

Please agree to the conditions

By requesting this resource you agree to our terms of use. All data is protected by our Privacy Notice. If you have any further questions please email

Related Categories Server, Data Storage & Management , Software & Applications , Networking & Connectivity , Network Security, Malware, Network Security, Cloud Storage, ERP, Server, Storage, Linux, Spam, Data Storage & Management , NAS, SAN, Cloud Security, Cloud, Machine Learning, AIM, IT Infrastructure, HRIS, Healthcare