I’ve archived my previous work to update this section, but it’s important to be look back to see patterns and historical context. A lot has happened in just a couple of years of rapid evolution.

• Highly targeted attacks on corporations vs ransom individuals
• Big Game Hunting – knowing how much that corporation can pay and scaling the demands higher
• RaaS – Ransomware as a Service
• Setting affiliates up for success with access brokering
• The unholy trinity of Emotet/Trickbot/QBot.
• Ryuk
• Maze
• Extortionist Ransomware
• Name & Shame sites.
• Nation states get in on the action
• The rise and fall and rebirth of groups: Ryuk/Conti, Maze/Egregor
• Add some DDoS in there for extra incentive
• OMFG Egregor