Skip to content
NCC Group Monthly Threat Pulse September 2021. Illustrated wireframe cityscape in futuristic style. Royalty-free stock vector ID: 1335323081.
NCC Group Monthly Threat Pulse September 2021. Illustrated wireframe cityscape in futuristic style. Royalty-free stock vector ID: 1335323081.

News -

NCC Group Monthly Threat Pulse – September 2021

  • Industrials sector remains key target
  • Conti behind growing number of breaches
  • Negotiation is disrupting the ransomware business model

NCC Group’s latest monthly Threat Pulse report, based on analysis from our Strategic Threat Intelligence team, has revealed the scale of the increasing ransomware threat facing businesses.

The industrials sector remained a key target, making up 38% of the total number of victims in September. This is likely to be due to the size and scale of a typical industrial IT estate, and the success threat actors have had in this sector.

The role played by Conti in a growing threat landscape

The Conti group, a group that emerged from Russia in 2020, is behind a growing number of breaches – including half of successful ransomware attacks in August 2021 (146). However, this dropped to 25 successful attacks in September – highlighting that the administrative burden of over 100 ransom negotiations is taking its toll.

This is reinforced by reports that Conti is being increasingly prescriptive with its negotiations. The group is increasingly insisting on no media communications, publicity or third-party involvement, with the goal of speeding up the negotiation process.

Conti is increasingly combining this sped-up negotiation process with a rapid plan of attack – with most breaches, from initial compromise to data exfiltration, lasting from 48 to 72 hours.

How businesses can stay secure

While this speed gives businesses a smaller window in which to detect and respond to a ransomware attack, there are proactive steps that organisations can take to keep their systems secure.

This includes ensuring that two-factor authentication is in place, as well as closing unused ports and implementing phishing awareness and training.

With these measures and an approach to security in place that focuses on people, processes and technology, organisations will be well placed to protect themselves against the ransomware threat from established and emerging groups.

To read September's Pulse in full, please click here

Image: Shutterstock: Royalty-free stock vector ID: 1335323081




NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7976234970

Related content

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom