Ransomware operators are now focusing on specific regions and specific industries as the US loses its appeal.
That’s according to a new report from NordLocker, which states that while US companies are still the number one target for ransomware gangs, other regions are becoming more popular.
Analyzing publicly available data on ransomware attacks that took place between 2020 and 2023, the researchers found that in 2022, US companies fell victim to 876 attacks, compared to 1,237 attacks a year earlier.
Financial firms under fire
While it may appear that ransomware gangs are casting a wider net, they are actually concentrating their efforts. In 2021, businesses in 102 countries were attacked by ransomware, dropping to 91 countries last year.
There have also been changes among the most popular targeted industries. While in 2021 the most popular industry was manufacturing with 223 attacks, last year construction was the most popular with 142 attacks.
Overall, the number of ransomware attacks worldwide decreased from 2,702 to 2,257 between 2021 and 2022.
“We have noticed that financial companies are increasingly concerned about their cybersecurity. Companies are seeing an increase in cyberattacks in this sector,” says Aivaras Vencevičius, product manager for NordLocker.
But while manufacturing and construction are in the spotlight, the financial sector is quickly becoming the biggest target. In 2021, financial companies were only the sixth most attacked sector, but by 2022 they had moved up to second place.
The most active ransomware group last year was LockBit, which carried out a total of 723 attacks worldwide and dethroned the infamous Conti. In 2021, Conti, believed to be linked to Russia, was the most active group with 445 attacks worldwide.