First spotted in late 2019, Conti is perhaps the most prolific ransomware gang currently operating in the wild. Conti follows the emerging trend of both encrypting victim’s files as well as threatening to publish them online to extort payment. Even companies who are not hit directly by this group risk losing sensitive data if a member of their supply chain hosts/stores sensitive data on the supply chain network.
Group
While there is limited information surround the Conti threat actors, source
Active since 2019, the actors behind Sodinokibi, also known as REvil, are one of the most prolific ransomware groups currently operating. Believed to have Russian origins, the REvil gang avoids targeting Eastern European companies. The group extorts payment from victims by publishing confidential documents on the dark web for anyone to view. Even companies who are not hit directly by this group risk losing sensitive data if a member of their supply chain hosts/stores sensitive data on the suppl
