1、R E P O R T2021Sustainability ReportT H R E AT R E P O R TAkamai RansomwareThreat ReportH1 |1Table of ContentsHighlights 3The global effects of Conti 5Global attack trends 6Industry and vertical trends 8Revenue trends 10Understanding the attackers toolkit 12The kill chain 12The RaaS attackers cookbo

2、ok 13Network propagation goals 14A step-by-step guide to network dominance 16The toolset 18Initial access 18Lateral movement 19Persistency and backdoors 20Credential harvesting |2Mitigation 21Resisting Contis favored initial infection vectors 21Expected penetration 21Detect and cut threat actors lat

3、eral movement 22Segmentation is key 22Preventing lateral movement with protocol-restricting rules 22Protecting backups 28Segment critical data services 28Detailed response plans |3Highlights In recent years,ransomware has become ubiquitous with cybersecurity attacks,costing more than US$20 billion g

4、lobally in damages in 2021.The advent of high-profile ransomware attacks,starting with 2017s WannaCry global attack,has significantly elevated ransomware awareness.Recent years have seen ransomware attackers strike at schools,government,healthcare,and infrastructure,among other targets.This report w

5、ill focus on the organizations that execute these attacks,and the ways in which they operate.Ransomware as a service(RaaS)groups have grown into businesses,with structures mimicking the very companies they seek to extort customer service representatives,new employee training,and more.A recent leak o

6、f documents from Conti,one of the worlds most prolific RaaS providers,revealed some of its inner workings,providing researchers and reporters with insight into how these organizations operate.Akamai researchers have been analyzing and researching RaaS providers to reveal some of the underlying mecha