Threat Intel Content Update: 3/11/25

Written by Tidal Cyber | Mar 11, 2025 2:49:42 PM

Major & Emerging Ransomware, Tidal Cyber Trending Techniques, and Sector TPs

Threat Content Highlights

Threat Profiles & Objects

  • Monthly updates to Tidal Cyber-curated Threat Profiles: Major & Emerging Ransomware, Tidal Trending Techniques, and Sector TPs:
    • For the first time in several months, no recently identified ransomware groups appeared in the top ten for claimed attacks in February. But this doesn’t mean the landscape is static. Our monthly ransomware Threat Profile dynamically adds & removes the top groups for the previous month, and adjusts their weightings according to each one’s monthly tally of claimed attacks.
    • Individual groups continue to evolve too – for example, see the separate Clop Extortion Ecosystem TP, which features a Campaign object reflecting this gang’s most recently observed TTPs (and not the Clop Software object, which derives from older reporting).

    • February saw the largest monthly tally of claimed attacks in 3+ years of ransomware attack data. This number was fueled in part by groups that researchers assert often recycle data from previous attacks, like Clop and RansomHub. Teams should factor in their own assessments of each group’s threat/impact level when choosing which threats to include in their Threat Profiles (and how to weight them).