According to Michael Heywood: “We’ll see supply chain attacks continue to rise over next year as threat actors search for weak links in software supply-chains, targeting software used widely and globally, or by specific company.”

REvil threat actors typically deployed ransomware encryptors using the legitimate administrative tool PsExec with a text file list of computer names or IP addresses of the victim network obtained during the reconnaissance phase.