Virtualization Technology News and Information
WithSecure research highlights drop in new ransomware discovered in 2021

The ongoing threat posed by ransomware continues to pain organizations. However, new research published by WithSecure (formerly known as F-Secure Business) highlights a potential opportunity to disrupt the cyber crime ecosystem that's exacerbated the problem in recent years.

A new WithSecure threat update found that ransomware was the most prevalent threat type identified in 2021, demonstrating its dominance over other attacks faced by organizations. However, the number of new ransomware families and unique variants researchers discovered in 2021 decreased significantly compared to previous years. 

There are several theories that could explain this drop. WithSecure Chief Technology Officer Christine Bejerasco feels that it likely points to threat actors consolidating their efforts, which creates new opportunities to combat the problem.

"If attackers are in fact consolidating their activities around core competencies, that makes the major ransomware-as-a-service providers crucial links in the supply chains of threat actors. And if we can break these links by neutralizing these significant providers, it could very well disrupt the ecosystem and provide some relief for defenders, at least for a little while," explained Bejerasco. 

Other significant ransomware developments highlighted by the threat update include:

  • Ransomware accounted for nearly 17% of identified threats detected in 2021, making it the year's most prevalent type of threat.
  • WannaCry was 2021's most prevalent ransomware family, followed by three ransomware-as-a-service (RaaS) families: GandCrab, REvil, and Phobos.
  • Ransomware continued to impact a variety of industries and used multiple methods to penetrate defenses in 2021, making no organization off-limits to these attacks.

While Bejerasco sees room for optimism based on recent observations, she warns that turning the tide against ransomware gangs is complicated. It requires organizations, industries, and countries to embrace a co-security approach to the problem, which can prove challenging. 

"Unlike authorities, threat actors can operate across borders with impunity, which gives them an advantage. Defenders need to focus on outcome-based security practices by first understanding the organizational or business outcomes they want and designing cyber security measures to support those outcomes. From there, organizations can identify risks to those outcomes, what digital assets are exposed to those risks, and the potential cyber threats those assets face," she said. "Only then can they design a cyber security strategy that the whole organization can rally behind because it protects and supports what they want to achieve."

More information on outcome-based security is available at

Published Wednesday, June 22, 2022 10:41 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<June 2022>