Ransomware attacks target these 5 sectors most
This story originally appeared on Drata and was produced and distributed in partnership with 麻豆原创 Studio.
Ransomware attacks target these 5 sectors most
Cyberthreats are constantly evolving, but ransomware attacks have persisted as one of the most pervasive and destructive varieties. In fact, according to Statista, the share of organizations worldwide affected by ransomware attacks has increased year over year since 2018, in 2023.
During a ransomware attack, cybercriminals use phishing or other methods to remotely install malicious software that encrypts data or disables systems. The ransomware operator then demands payment in exchange for decrypting the data or restoring access. These incidents are often accompanied by double extortion tactics, where the cybercriminal also threatens to expose, sell, or delete the stolen data.
However, there is no guarantee attackers will do what they promise if they get paid. Additionally, the United Nations Office on Drugs and Crime . Whether or not a ransom is paid, a ransomware attack can be very costly, comprising response and restoration services鈥攁nd it is only getting costlier.
It on average to recover from a ransomware attack, according to Sophos' 2023 State of Ransomware survey. Industries handling large amounts of sensitive data, or providing critical services, often emerge as primary targets for cybercriminals considering the stakes involved. In fact, of the the FBI's Internet Crime Complaint Center received in 2022, 870 were among business sectors characterized by the government as critical infrastructure鈥攁ffecting 14 of the 16 critical sectors.
used FBI data to identify the five critical infrastructure sectors that faced the most ransomware attacks in 2022. In its report, the FBI acknowledges that not all ransomware attacks have been reported to its IC3 system.
#5. Financial services
- Ransomware attacks, 2022: 88
Financial institutions, including banks, are prime targets for ransomware attacks due to the financial assets at stake, vast amount of personal data stored, and frequency of digital transactions. A ransomware attack on a financial service can disrupt day-to-day operations, like transactions, and expose sensitive customer information via data breaches.
In August 2021, Korean American banking service when ransomware extortion group AvosLocker accessed and encrypted sensitive client data, including Social Security numbers and tax documents. In response to reevaluating security protocols, with free credit-monitoring services for a year and an identity theft protection service.
#4. Information technology
- Ransomware attacks, 2022: 107
The effects of ransomware attacks on information technology systems can go far beyond the initial site of the attack. This is because ransomware can spread via shared storage drives and other devices on the same network.
One example occurred in July 2021, when the REvil group used by thousands of companies, many of which were managed service providers, or MSPs. This caused the attack to affect over 1,500 companies that used the initially affected clients as their MSP. While the attack disrupted services and costs associated with restoring affected systems, it also highlighted the need for further advances in cybersecurity defense.
#3. Government facilities
- Ransomware attacks, 2022: 115
Government facilities are attractive targets for ransomware attacks, as they tend to store large amounts of sensitive personal data and run on outdated systems vulnerable to attacks鈥攂ut the effects of attacks go well beyond the risk of data loss. Recent examples have even involved the shutdown of the East Coast's primary fuel pipeline in the . Baltimore also experienced this on a large scale in May 2019, when to encrypt city government systems. This disrupted services, including email and payment transactions, and resulted in restoration costs above $18 million.
#2. Critical manufacturing
- Ransomware attacks, 2022: 157
Ransomware attacks on manufacturing plants can disrupt production lines and operations, leading to downtime and profit loss. According to a Comparitech report, ransomware attacks in the manufacturing industry have resulted in a over the past five years.
One such incident affected Norsk Hydro, one of the world's largest aluminum producers, in March 2019. The attack began when an employee , triggering the encryption of 3,000 devices across the company. Norsk Hydro was widely commended for its response, which included resorting to manual operations and refusing to pay the ransom鈥攐pting to incur $70 million in associated losses instead.
#1. Health care and public health
- Ransomware attacks, 2022: 210
Ransomware attacks on health care systems can compromise patient data and disrupt critical services, sometimes with fatal consequences. In 2019, Alabama hospital Springhill Medical Center lost access to fetal-heartbeat-monitoring devices due to a ransomware attack, .
A year later, in September 2020, the University Hospital of D眉sseldorf in Germany was , resulting in the inability to admit new patients. This because the hospital could not provide timely treatment. In fact, suggests ransomware attacks on hospitals may increase the risk of patient deaths by 20% to 35%.
Story editing by Ashleigh Graf. Copy editing by Paris Close. Photo selection by Ania Antecka.
