Over a 12-month period, one cybersecurity firm’s research on ransomware attacks across the world show a steady escalation in some industries.

In analyzing 175 publicly reported successful ransomware attacks between August 2022 and July 2023, one cybersecurity firm has concluded that the number of reported ransomware attacks affecting key industries in the Asia Pacific region and globally — such as municipalities, healthcare and education —have doubled since last year, and more than quadrupled since 2021.

The firm’s researchers also noted that, while successful ransomware attacks targeting infrastructure-related industries were lower in volume compared to those in the top three sectors, these industries also experienced more than twice the number of attacks compared to last year.

Similar patterns of escalation in other industries, particularly ransomware attacks on software businesses, were also noted in the data used to evaluate threats such as:

    • business email compromise (36.4%)
    • ransomware (27.3%)
    • malware infections (15.2%)
    • insider threats (12.1%)
    • identity theft (6.1%)
    • data leakage (3%)

The researchers also took a closer look the impact of generative AI tactics on ransomware attacks, looking at ways cybercriminals can use these capabilities to strike faster and with better accuracy. With these new tools now readily accessible to anyone, the skill required to start a ransomware attack could be reduced to simply constructing a malicious AI prompt and having access to Ransomware-as-a-Service tools, leading to a whole new wave of attacks, according to the firm’s report on the findings.

According to Fleming Shi, CTO, Barracuda, the firm that released its findings:

“The number of successful ransomware attacks continues to climb and shows no signs of slowing down. Recent advances in generative AI will only help ransomware gangs increase the rate of attack with more effective cyber weapons. That’s why it’s essential for organizations to have tools in place to detect and prevent attacks, but also to be resilient and prepared to recover from an attack.”