Victoria Kivilevich writes that even if REvil is gone, the trend is still to increasing ransomware attacks.
In June 2021, the last month of REvil’s full-time activities, 205 victims were published on ransomware blogs and data leak sites. Meanwhile, in August 2021, a full month after the group’s disappearance, 248 victims were published on the same platforms. Moreover, 251 victims were claimed in September 2021. Even when looking at this surface data (meaning the number of attacks that became public, while the actual number of ransomware victims is much higher), one can see that the ransomware groups’ activities are steadily growing. The disappearance of one group does not significantly influence the overall ransomware threat, as also could be seen from shutting down of DarkSide, Avaddon, and other groups active this year.
Read more on Kela.