According to new Intel 471 research, 722 ransomware attacks were observed during the fourth quarter of 2021 with LockBit 2.0, Conti, PYSA, Hive and Grief emerging as the most common strains. The attacks are up 110 and 129 percent from the third and second quarters of 2021, respectively. During the three-month period between October and December 2021, 34 different ransomware variants were discovered.
In the fourth quarter of 2021, the most common ransomware strain was LockBit 2.0, which was responsible for 29.7 percent of all reported incidents, followed by Conti at 19 percent, PYSA at 10.5 percent, and Hive at 10.1 percent.
Consumer and industrial products; manufacturing; professional services and consulting , real estate, life sciences , health care, technology, media and telecommunications, energy, resources and agriculture , public sector, financial services and nonprofit entities were among the most impacted sectors during the quarter.
The United States was the most affected by LockBit 2.0 attacks followed by Italy, Germany, France, and Canada. The majority of Conti infections were also reported in the US, Germany and Italy. The US remained the most affected country for PYSA and Hive ransomware attacks.
“Attacks on the consumer and industrial products sector increased by 22.2 percent from the third quarter of 2021, making it the most-affected sector during the fourth quarter.
Finally the researchers concluded that ,” Both Nokoyawa and Hive include the use of Cobalt Strike as part of the arrival phase of the attack, as well as the use of legitimate, but commonly abused, tools for defence evasion such as the anti-rootkit scanners GMER and PC Hunter.”