Security Report Details Growing Ransomware Threat And What Industries Have A Bullseye

ransomware report q3 2021 news
Having entered a new year, cybersecurity experts, researchers, and companies are reflecting on 2021 and assessing the state of cybersecurity so that we can better understand and prepare for threats going forward. Unfortunately, the outlook going forward into 2022 seems pretty disheartening as far as ransomware is concerned.

As we reported last week, ransomware attacks doubled in each of the past two years and are on track to outpace phishing attacks. Not only are the number of ransomware attacks increasing, ransomware attacks will likely evolve as they become more prevalent. One chief security scientist even anticipates that some ransomware groups will begin extorting organizations by collecting fees in exchange for not targeting paying organizations.

Trellix, previously FireEye and McAfee, has released an advanced threat research report that breaks down all Q3 2021 ransomware attacks by a number of metrics. For starters, the banking/financial sector saw the largest percentage of ransomware client detections at 22%. We recently reported on a new ransomware family that hit a US bank in December 2021.

The utilities (20%) and retail (16%) sectors come in second and third after the banking/financial sector. Together, these three sectors accounted for almost 60% of total ransomware client detections in Q3 2021. The education and government sectors account for another 9% and 8%, respectively.

Turning now to ransomware detection by country, the US was hit the hardest by far at 34% of total detections. Turkey, which comes in second, isn’t even close at 12%. Germany (11%), Israel (8%), Switzerland (7%), and Mexico (6%) follow Turkey. While the US recorded the most incidents, it actually saw a 9% decrease from Q2 to Q3 of 2021. Meanwhile, France was subject to an increase of 400%, which was the highest increase in recorded ransomware incidents by country.

The research report also makes note of the fact that malware was the technique most often used in reported incidents, even though malware incidents decreased 24%. On the other hand, distributed denial of service (DDoS) and targeted attacks saw 112% and 55% increases, respectively.

The report has additional data and metrics, if you want to look through it yourself.