Security News > 2022 > July > Trellix finds business services top target of ransomware attacks

According to cybersecurity firm Trellix's quarterly Threat Report: Summer 2022, released today, the line between ransomware gangs and nation-states continued to blur between Q4 2021 to Q1 2022.

Business services providers and telecoms were the most targeted industries for ransomware attacks.

In the countries where Trellix has customers, 31% of the Q1 2022 nation-state activity targeted Turkey, followed by Israel with 18%, the U.K. with 11%, Mexico with 10% and the U.S. with 8%. The most active nation-state actor in the quarter was APT36, an advanced persistent threat actor most likely backed by the Pakistani government and primarily targeting defense organizations in India.

"We highly urge every organization to take close note of ransomware TTPs , especially if they have already determined state-sponsored groups are likely to target them."

The threat report uses proprietary data from Trellix's network of over one billion sensors, open-source intelligence and Trellix Threat Labs investigations into prevalent threats like ransomware and nation-state activity.

A detection occurs when a file, URL, IP address, suspicious email, network behavior or other indicator is detected and reported via the Trellix XDR ecosystem.

News URL

https://www.techrepublic.com/article/trellix-finds-business-services-top-ransomware-target/