2 NEW RANSOMWARE TRENDS + 21 ransom are groups ere prominent in data e åfltration attacks during 2020. + The top si groups - Ma e, Conti, Egregor, DoppelPa mer, NetWalker and Re il - are responsible for attacks on 80% of the total ictims. If e summari e 2020 b pointing out the most notable trend e detected in terms of cybercrime activity, our answer would be the “double-e tortion” tactic adopted b the most proliåfc and notorious ransom are gangs. Although it began at the end of 2019, this trend dramaticall intensiåfed and increased in 2020. From encr ption to e åfltration Classic ransom are attacks in ol e an intrusion into a ictim’s s stems ith the åfnal goal of encrypting its computer network and dropping a ransom note, demanding a pa ment (usuall in Bitcoins) in e change for a decr ptor for reco ering the ictim’s åfles 2 . Ho e er, since there is no guarantee the attackers ill indeed reco er the åfles once the ransom is paid, victims are typically recommended not to pay the ransom. 2.1 DOUBLE TROUBLE: RANSOMWARE AND DATA EXFILTRATION https://www.cisa.gov/ransomware 300 200 100 Maze Conti Egregor DoppelPaymer Netwalker Revil Pysa Darkside Everest Neåflim Avaddon Clop Ragnar Suncrypt Ran Locker LockBit RansomExx Mount Locker Sekhmet Pay2Key No Name 80% The top six groups- 80% of the total ictims 260 176 146 130 98 79 46 21 21 21 19 19 18 17 9 8 7 6 6 4 1 Number of victims by Ransomware group and percentage of total 2. 6 | The Ransomware Landscape