Organizations in the USA took 44% of the hits, four times more the next region in the list, according to data.

Between Aug 2020 and July 2021, the number of ransomware attacks in data analyzed by a cybersecurity firm have risen compared with the previous year, with attacks on corporations (including infrastructure, travel, financial services, and other businesses) accounting for more than half of all attacks, a 39% increase.

According to a new study from Barracuda’s own data, municipalities were the second most attractive target for ransomware hackers (16%), followed closely by education (13%) and healthcare (13%).

Their data shows that cybercriminals are still heavily focused on organizations based in the United States (44%), but ransomware was a pervasive issue across the globe with 30% of attacks targeting Europe, the Middle East and Africa (EMEA), 11% targeting Asia Pacific countries, 10% in South America and 8% in Canada and Mexico.

More findings

Ransomware has been evolving during the period of study, and sophisticated attacks can cripple day-to-day operations, cause chaos, and result in financial losses.

According to the study, these attacks were becoming even more deadly as cybercriminals leveled-up their tactics and attack patterns, and with it, their ransom payment demands. Other findings include:

  • The average ransom demanded per incident was over US$10m with 18% involving less, and 30% involving more than US$30m per incident.
  • These attacks were led by a handful of high-profile ransomware gangs, including REvil (19%) and DarkSide (8%).
  • Attack patterns were evolving from malicious links and attachments to phishing attacks to steal credentials, and thereafter compromising victims’ web applications (web portals or software-as-a-service (SaaS) apps).
  • Double extortion schemes were on the rise in the study period. Victims that paid up were often contacted several months later and asked for another payment to keep the stolen data secret. Some ransomware criminals accepted payment but sold the data anyway.

According to Mark Lukie, Systems Engineer Manager, Barracuda Asia-Pacific: “Ransomware is an issue which is not going away anytime soon, and can affect businesses of all sizes, as attackers often start with small organisations that are connected to the larger targets and then work their way up towards bigger paydays in the future.”

Lukie added that prevention is always better than remediation, and advised businesses to do everything they can to be confident in saying NO to ransomware criminals. He mentioned measures such as training staff for email security awareness, implementing anti-phishing capabilities in email systems, securing web applications, taking a zero-trust approach, fastidious data backup processes, and implementing data protection solutions to recover critical data in the worst-case scenarios.