Top industries
hit by ransomware

In 2021, ransomware has blown up to thousands of attacks per day and is predicted to cost businesses over $20 billion. Most successful attacks might be left undisclosed. Desk research of 1,200 ransomware cases that were made public by hackers between 2020 and 2021 has shown that, while all industries experience such cyberattacks, some types of businesses get breached more often. Here are the top industries that face the most ransomware attacks.

The worst cases of ransomware by industry

Researchers identified 35 unique industries that have been attacked by ransomware. Here are the most significant ransomware cases in each industry.

1 -

Protect your business from ransomware — back up and restore your files via a secure cloud

Get NordLocker

The most prolific ransomware gangs

Ransomware gangs are extremely hard to catch. And even when such cases happen, like the arrests of the Cl0p gang members in June 2021, attacks rarely decline. The chart below illustrates the number of ransomware attacks launched by each of the 10 cybercriminal groups whose activities were analyzed in this research.

Conti
450
REvil
210
Dopple Paymer
200
PYSA
188
CL0P
37
Hive Leaks
30
Rangar_Locker
30
RansomEXX
27
Lorenz
17
Payload.bin
11

Source: ransomware gang websites

What is ransomware?

Ransomware is a computer virus that takes over the target device, restricts the owner’s access, and demands the victim to pay a ransom to get their device back. First created in 1989, ransomware has been used to blackmail individuals for a $100 payout and extort corporations for tens of millions of dollars. Modern ransomware can steal files, target locally-stored backups, spread through the network, and even bring municipalities to a standstill.

The device can get infected through a malicious email, a spoofed website, or in many other ways. Then, the attackers may scan the device for something valuable or, if pressed for time, start encrypting everything at once. After encrypting the data, the ransomware will display a ransomware note with detailed instructions on how to create a cryptocurrency wallet and send Bitcoin to the attackers’ address.

How to protect your business from ransomware

hire cybersecurity

Hire cybersecurity specialists

Hire or build a cybersecurity team of your own. Only someone who knows how hackers operate can set up the right defenses to protect your business from ransomware.

establish backup

Establish a smooth backup process

Set up an automatic daily backup to recover your data if it ever gets encrypted. Ransomware encrypts your data, restricting your access to it. Secure, remotely stored backups are one of the easiest ways to restore data without paying the attackers.

secure email

Secure your email

Attackers may try to penetrate your network in a variety of ways, but phishing is still the most popular one. Learn to check emails for signs of phishing, especially if they contain links or attachments. As soon as you suspect anything, let your IT team know.

law enforcement

Contact law enforcement

Before you make decisions about paying the ransom, contact your local law enforcement agency. A decryption key for the ransomware used against you may already be available.

train team

Train your team

We’re all connected. Cybersecurity is the best way to illustrate that. Limit risks by encouraging education and cybersecurity awareness in your company. You can call it the “Better safe than sorry” initiative.

update software

Update your software

Every cyberattack has a vulnerability it was built for. Companies constantly release patches plugging those vulnerabilities. That’s why keeping devices in your company up to date is one of the best ways to enhance the security of your entire network.

evaluate security

Evaluate your current security measures

You probably already have an antivirus, firewall, VPN, and password manager. Make sure that each program is set up correctly. They have to be installed on all your devices, launch at startup, have auto-updates enabled, etc.

response plan

Set up a response plan

If you’re not going to follow the steps laid out by the hackers, you must have a response plan of your own. It should include ways to shut down and isolate your network, contact your employees, inform your clients, and restore your systems from a backup.

prepare ransomware

Prepare for ransomware

This research has shown that no business is safe from cyberattacks. That’s why you have to be proactive when it comes to digital security. Nurture a culture of knowledge-sharing and taking responsibility.

Get in touch

If you are interested in using our analysis for press purposes, drop us an email at [email protected] and we will get back to you with more information.

This information will be used by NordLocker to respond to your inquiry as provided in our Privacy Policy.