Companies based in the United States are the number one target for ransomware, with nearly half (46 percent) of all ransomware attacks happening there, new research by cybersecurity company NordLocker reveals. The study examined several databases of ransomware incidents that affected more than 5,000 companies worldwide. With a joint revenue of $4.15 trillion, the investigated companies produce more value than Germany’s entire GDP.
The research was carried out with the purpose of finding out which companies are at the highest risk of being targets for ransomware. Apart from the location of the attack, researchers looked at factors such as the most active ransomware groups, the most affected industries, and company sizes.
“Ransomware is a type of cyberattack that takes possession of a company’s most crucial and sensitive files and extorts money from the company to get the data back. In the past couple of years, cases have grown rapidly while cybersecurity awareness has struggled to catch up,” says Tomas Smalakys, NordLocker’s CTO.
Construction Is the Top industry Target
Nordlocker’s research revealed that out of 18 industries, construction (12 percent of all attacks), manufacturing (9.6 percent), and transportation (8.2 percent) industries are at the highest risk of being targeted by ransomware in the United States.
“Ransomware gangs usually decide who their next target is by looking at variables such as the company’s importance in supply chains, the quantity of confidential information that it handles, and other factors that, in the case of an attack, put pressure on the company to get operations back up and running,” says NordLocker’s Tomas Smalakys. “When you look at the data through this lens, you see why certain industries receive the majority of attacks.”
Small Businesses Not Immune
Company size is another major factor that influences the probability of a ransomware attack. In the US, small-sized businesses (up to 200 employees) are at the highest risk, accounting for nearly two-thirds of all attacks (65.8 percent). Companies with an employee count of between 51-200 are the victims of 28.9 percent of attacks, while those with between 11-50 employees are victims of 22.4 percent of ransomware hacks.
“Small businesses are lucrative targets for ransomware gangs because cybersecurity is often left on the sidelines. Smaller businesses justifiably prioritize growing their operation, with cybersecurity left out of budget calculations. The lack of attention towards security, combined with the usually slim profit margins small companies have to deal with, makes them not only easy to attack but very likely to pay the ransom as well because they lack the funds needed to hold off a prolonged halt of operations,” says Tomas Smalakys.
Other Ransomware Findings
- Among the affected are some of the biggest institutions worldwide, including a Fortune 100 company and a well-known educational institution based in the US.
- The US suffers the most from attacks launched by the Conti ransomware group, which is responsible for 17.6% of all attacks. LockBit group takes second place(11.9%), with Pysa (6.8%), and REvil (6.5%) following suit.
- 5.4% of ransomware attacks on US organizations targeted public sector institutions.
- The state of Michigan is the most affected by ransomware, while Missouri is the least.
Ransomware has been employed for decades, but never at the level it is used today. Last year, some businesses faced ransom demands of $30 million. Ransomware is effective because most companies are ill-equipped to deal with it. To increase the likelihood of the ransom being paid, criminals may also threaten to post their victim’s data online. 