There was an unprecedented increase in ransomware attacks in 2021. With each passing day, threat actors are getting more empowered as they gain even more financial success, giving them the funds to conduct larger-scale data breaches. Alarmingly, a large computer manufacturer, Acer, paid the highest ransom demand in history, shelling out $50M. Some other prominent victims of ransomware include Colonial Pipeline, Acer, JBS Foods, Axa, Kaseya and Deloitte.
In digging deeper into these attacks, it became evident that threat actors target critical workloads of enterprises of all sizes and then either cause business disruption or threaten to make confidential data public. In fact, ransomware threat actors leverage the services of another class of cybercriminals, known as initial access brokers, who specialize in breaching companies and then selling the access to ransomware attackers. These actors infiltrate organizations that have not patched their workloads, providing initial access brokers a way to infiltrate enterprise infrastructure.