Trellix: 3 Sectors Most Heavily Hit with Ransomware Activity

This year will be every bit as busy as last year when it comes to cyberattacks.

Edward Gately, Senior News Editor

February 1, 2022

Cybercriminals are most heavily targeting the financial, utilities and retail sectors with ransomware activity, according to a new Trellix report.

This week, Trellix released its first major research report. The Advanced Threat Research Report examines the most noteworthy cybercriminal activity in the third quarter of 2021.

Last month, McAfee Enterprise and FireEye emerged as a new company under the name Trellix. The company focuses on extended detection and response (XDR).

In the third quarter, high-profile ransomware groups disappeared, reappeared, reinvented and even attempted to rebrand. They remained relevant and prevalent as a popular and potentially devastating threat against an increasing variety of sectors.

Ransomware activity was denounced and banned from numerous cybercriminal forums during the second quarter. However, Trellix observed activity among the same threat actors on several forums using alternate personas.

Raj Samani is chief scientist and fellow at Trellix.

“Beyond the statistics, we covered some of the biggest risks facing organizations, and one of the biggest challenges was the log4j issue,” he said. “The impact and reliance this had was perhaps the most concerning for all of us.”

In December, researchers discovered a zero-day exploit in log4j, the popular Java logging library. It results in remote code execution (RCE) when the library logs a certain string. Since then, additional vectors have been discovered.

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.
