Our Insights
Providing you the latest industry-specific news and insights.
![]()
Reining in Ransomware – Investigative Cybercrime Series: Vol 2
We’ve analyzed data collected while responding to nearly 1,500 ransomware events exceeding $1 billion in ransom demands. Through it all, we’ve helped our clients manage their response, minimize costs, and maintain business operations.
Read more![]()
From Reactive to Proactive Security: Ransomware Attack Prompts a Culture Shift at a Healthcare Nonprofit
When a nonprofit healthcare organization suffered a ransomware attack, the incident did more than bring business to a temporary standstill — it also shined a spotlight on the dangers of a convenience-first culture.
Read more![]()
What To Do When A Hacker Encrypts Your Data
What should your first step be when a hacker cracks your system? Evgueni Erchov, Arete's head of security research & strategy shares insight with Risk & Insrance's Autumn Demberger.
Read more![]()
Mitigating Ransomware’s Impact – Investigative Cybercrime Series: Vol 1
If you have any stake at all in reducing risk posed by ransomware, you’re probably getting excited about hard data from the frontlines. Spoiler alert: there’s some good news ahead. What are we waiting for?!
Read more
Surtr Ransomware Pays Tribute to REvil
Executive Summary In February 2022, Arete investigated a Surtr ransomware incident where the ransomware author(s) paid tribute to the now defunct REvil (aka Sodinokibi) group by making a registry key change to the infected host. REvil was…
Read more2021 Annual Crimeware Report: From Tailwinds to Headwinds
Community and government action helps shift the course of ransomware.
Read moreCybersecurity in the Age of Ransomware. It’s More Than Simply Having Insurance.
BY KEVIN BAKER In many ways, cybersecurity insurance is not so different from car or home insurance. In short, it’s a way to transfer risk. If a cyber incident occurs, insurance can help organizations gain a level of mitigating control and…
Read moreQ3 2021 Crimeware Report: For Every Action, There Is an Equal and Opposite Reaction
Cybercrime is in a constant state of evolution and revolution, and threat actors are reacting to the actions of their targets as governments and law enforcement agencies seek to protect those targets.
Read moreFool Us Once … BlackMatter Initial Access Tactics Point to a Possible REvil Association
BY CYBER THREAT INTELLIGENCE TEAM Arete observed an overlap between a recent BlackMatter case and a Q1 2021 REvil case. In both instances, the actors leveraged the NodeJS-based Gootloader to deliver a CobaltStrike payload. In a March 2021 insight,…
Read morePYSA: 2020 to Now
BY ARETE CYBER THREAT INTELLIGENCE TEAM PYSA is the newest variant of the Mespinoza Ransomware as a Service (RaaS) family, which was first observed infecting victims in the wild in December 2019. PYSA is likely a reference to the open-source web…
Read moreQ2 2021 Crimeware Report: Crime and No Punishment
Like legitimate businesspeople, threat actors are always looking for ways to optimize operations and boost profits. With time and impunity on their side, some started to get more creative in Q2 2021.
Read moreEndpoint Detection and Response: The Closest Thing to a Silver Bullet to Stop Ransomware
By Paul Caron In its recent report “Combating Ransomware,” the Ransomware Task Force says there’s no silver bullet to solving the ransomware challenge. Instead, the group touts a multi-pronged approach and provides an extensive list of…
Read more
