New study shows which countries and industries had to contend with ransomware attacks the most in 2020 and 2021. In a global comparison, Germany is in the top 5.
The latest study by NordLocker has shown that Germany ranks fifth among the countries most affected by ransomware attacks in 2020 and 2021. The experts analyzed 1.200 companies that were attacked by ten known ransomware gangs. The aim of the research was to identify the industries and countries most affected and where the most attacks took place.
Industry targeted by ransomware
"The latest figures show that 2020% of companies worldwide were victims of ransomware in 37," says Oliver Noble, cybersecurity expert at NordLocker, the encryption cloud service. “Among other things, Netcom Kassel in the telecommunications industry and the Technical University of Berlin in the education sector were affected. Both became victims of ransomware in the past year. No company or institution can still feel safe today. Our analysis shows the extent of the latest ransomware hacks and gives indications as to which industries need to be particularly careful. "
Top 10 countries with the most ransomware attacks
The analysis shows that the top five countries where businesses are attacked are the United States (732 cases), the United Kingdom (74), Canada (62), France (58) and Germany (39). According to Oliver Noble, the German economy is dominated by industrial companies, e.g. B. from the areas of production, mechanical engineering, chemistry and automotive. These industries still take cybersecurity too lightly and typically lack robust protection.
“Many international brands operate in Germany, such as the Volkswagen Group. A ransomware attack on Volkswagen's US subsidiary this year compromised the personal data of 3,3 million consumers. The big players attract cyber criminals because they handle large amounts of sensitive customer data. So it's a hit for the extortionate hacker attacks, ”says the expert.
Highest risk industries
The industries most attacked (Image: Nordlocker).
NordLocker’s analysis shows that construction is the industry most affected by ransomware (93 companies affected), followed by manufacturing (86). Finance (69 ransomware cases), healthcare (65), education (63), technology and IT (62), logistics and transportation (59), automotive (56), community services (52) and the legal industry ( 49) are also on the list of the top ten industries hit by ransomware hackers.
"It's amazing how companies still take their cyber security lightly and, as it were, 'invite' hackers to take advantage of it," says Oliver Noble. “You have to imagine that in the event of a successful attack, all employee data, customer data, customer contracts, patents and other sensitive business information are made inaccessible and threatened to be stolen, leaked or permanently deleted. To prevent reputations from being damaged or customers being lost, some companies have no choice but to pay the requested ransom. "
An attack costs an average of 1,6 million euros
However, not many companies can afford it. It is estimated that the total average cost of eliminating ransomware has more than doubled, from around € 657 in 000 to € 2020 million in 1,6. And the most disturbing fact is that paying a ransom is no guarantee is that the victims get back what was taken away from them. There is also no guarantee that the company will not be attacked again.
The most active ransomware operators
The ransomware most used in the attacks belongs to the Conti family (Image: Nordlocker).
The NordLocker study analyzed ten ransomware websites. The most active ransomware gang is Conti with 450 attacks under his name. REvil (210 hacks), DopplePaymer (200) and PYSA (188) are also among the best-known and most active cybercrime groups that blackmail companies.
ATP groups are captured - new ones are added
"International law enforcement agencies are working hard to eliminate gangs of ransomware," says Oliver Noble. “It was only reported two weeks ago that a joint operation had taken REvil's servers offline. However, the Russian ransomware gang is expected to reappear. Ransomware is no longer only for skilled hackers. Any paying user, with or without IT skills, can simply subscribe to use tools that have already been developed for ransomware attacks against companies. "
More at NordLocker.com