Cybersecurity Cloud & Data

Cyber loot: Conti RaaS reaped US$180 million in 2021 from ransom payments

The prolific RaaS (Ransomware-as-a-Service) group Conti, which has been bringing governments and businesses throughout the world to their knees with their RaaS model, have made a mountain of money as high as US$ 180 million last year, says an Akamai report.

In the Akamai Ransomware Threat Report APJ Deep Dive H1 2022, Akamai analysed a recent leak of documents from Conti to understand its modus operandi and to form a profile of the attack trends, tools, and tactics that led to its success.


Read more: The Rise of RaaS: With Conti attacking Costa Rica govt vulnerability is in the limelight


Akamai also found that business services was the top victimized industry in the Asia Pacific and Japan (APJ) region and the Conti group is targeting small and medium-sized businesses (SMBs) that can pay a ransom but don’t have access to strong cybersecurity technologies.

Akamai gathered the data for this report from Conti’s publicly reported attacks on their leak site. The worrying part is that the data does not represent all of Conti’s attempted attacks.

High Business Sector Attacks Concern for Affiliated Parties

Despite the fact that businesses were the top target of Conti in the APJ region, it ranked the third-highest globally to be attacked by Conti. According to Akamai, the Conti group’s heavy slant against North American and EMEA regions is the reason for lesser frequency of attacks in the APJ region.

Still, the higher number of attacks on business services in this region can be concerning because of the risk of supply chain cyberattacks. According to the report, cybercriminals can breach a third party, such as business services companies, to gain a foothold on high-value targets.

Akamai also found that business services was the top victimized industry in the Asia Pacific and Japan (APJ) region and the Conti group is targeting small and medium-sized businesses (SMBs) that can pay a ransom but don’t have access to strong cybersecurity technologies

For example, a Taiwanese company and supplier/contractor for a high-end automobile manufacturer, and a consumer electronics company, suffered Conti attacks in 2022. Despite 1,500 servers being encrypted, the attack reportedly impacted only noncritical systems. Here, third-party companies can introduce security risks to affiliated organizations.

The APJ region also indicates a considerably higher number of critical infrastructure attacks as compared with other regions. “Attacks on these verticals could have catastrophic, real-world implications,” says the report.

For example, one of the largest electricity providers in Australia was hit by a Conti ransomware attack in 2021. Although the attack did not disrupt their services, it could easily have.


Read more: ESET Research uncovers new cyberespionage group Worok targeting companies, govts in Asia


Retail and hospitality were the second most attacked verticals in APJ. This is not surprising since the commerce industry contains troves of confidential information, such as personal identifiable information (PII) and credit card numbers, making it a lucrative target.

SMBs Beware

The report highlights that more than 40% of victimized organizations make revenue up to US$50 million. This means the Conti group is targeting small and medium-sized businesses (SMBs) that are able to pay the ransom but do not have the same resources and cybersecurity technologies as larger enterprises.

Navanwita Bora Sachdev

Navanwita is the editor of The Tech Panda who also frequently publishes stories in news outlets such as The Indian Express, Entrepreneur India, and The Business Standard

Recent Posts

What happens to your personal data? How AI ensures your digital footprint stays secure?

Each tap, click, and action in the online world adds to our increasingly vast digital…

1 day ago

The AI Editor has arrived: What Human-in-the-Loop publishing & ecommerce really looks like

Artificial Intelligence is no longer just a futuristic concept in publishing and e-commerce. It’s here,…

5 days ago

After the artist & the writer it’s the developer’s turn to rethink careers as AI starts coding

The artist and the writer have been living in fear of AI taking over their…

6 days ago

Geek Appeal: New gadgets & apps on the block

The Tech Panda takes a look at recently launched gadgets & apps in the market.…

1 week ago

With top engineers from India in hot demand globally, Ness Digital Engineering champions internal pathways to leadership  

India’s tech and IT sector continues to grow, expected to top $300 billion in fiscal…

1 week ago

NTT debuts ultra-fast IOWN network with cross-border Kabuki performance

Japanese tech giant NTT showcased the latest in Innovative Optical and Wireless Network (IOWN) technology…

1 week ago