- U.S. businesses were targeted by nearly half of all publicly acknowledged ransomware attacks globally between January 2020 and July 2022, according to data collected by NordLocker and published Tuesday in a report.
- Of the 5,200 cases recorded on ransomware groups’ sites, U.S. organizations accounted for almost 2,400 incidents. Businesses in California, Texas, Florida and New York suffered the greatest number of ransomware attacks, but Michigan businesses were hit hardest when the rate is adjusted by the number of active businesses in each state.
- Small- and medium-sized businesses with two to 200 employees suffered the most attacks during the period, accounting for 46%, or 2,300 ransomware attacks total, according to the report.
The research underscores the totality of ransomware by highlighting the most affected countries and industries, and the most prolific ransomware groups globally.
The U.S., Canada, United Kingdom, France and Germany top the list as the five countries most affected by ransomware. In the U.S., manufacturing and construction were the industries hit most often.
Ransomware hit manufacturing, construction the hardest
Number of ransomware cases by sector, Jan. 2020 – July 2022
Two ransomware gangs and their affiliates — LockBit and Conti — claimed responsibility for nearly one-third of all attacks. LockBit proved to be the most prolific ransomware group with 855 attacks, or 16% of all cases, followed by Conti with 796 attacks, or 15% of all cases.
LockBit most recently claimed responsibility for the June attack on cybersecurity vendor Entrust.
Conti shut down key pieces of its infrastructure in May after the U.S. State Department offered a $15 million reward for information on the group’s leadership and the FBI described Conti ransomware as “the costliest strain of ransomware ever documented.” The Conti brand might be defunct, but members of the group are reconstituting the organization and might reappear under a new name.