Top Industries Hit by Ransomware

Oct. 27, 2021
NordLocker's analysis shows what businesses have faced ransomware attacks the most in 2020 and 2021 along with the top ransomware gangs responsible.

Nordlocker's research has uncovered the main industries hit by ransomware gangs in the past two years. The research analyzed 1,200 companies that were hit by 10 most prolific ransomware gangs in 2020 and 2021—a total of 35 industries were identified.

“The latest statistics indicate that a worrying 37% of companies worldwide became victims of ransomware in 2020,” says Oliver Noble, a cybersecurity expert at NordLocker, an encrypted cloud service provider. “From Campari Group in the Food & Beverage industry to Baltimore County public schools in the Education sector, both of which became victims of ransomware last year, no business or institution can feel safe. Our analysis presents the scope of recent ransomware hacks as well as indicates which industries need to stay particularly cautious.”

Among the hacked companies discovered by NordLocker’s research, there were not only large organizations, such as a global hotel chain, an automotive conglomerate or a worldwide clothing brand but also small family-owned and operated businesses like an Italian restaurant or a local dental clinic.

“It is surprising how many companies still take cybersecurity for granted, ‘inviting’ hackers to exploit their vulnerabilities,” says Oliver Noble. “When successfully attacked, companies get all their employee data, customer details, client agreements, patents, and other valuable business information inaccessible and threatened to be stolen, leaked, or destroyed for good. To avoid the doomsday, i.e. having business operations put to a standstill, damaged reputation, loss of clients, tiresome legal battles, and huge fines, some organizations are left with no choice but to pay ransom to get the decryption key.”

However, not many businesses can afford to pay hackers off. It's estimated that the average total cost of recovery from ransomware has more than doubled from around $761K in 2020 to $1.85M in 2021. And the most worrying fact is that paying a ransom doesn’t guarantee that you will get back what’s been taken away. There’s also no guarantee your business won’t get attacked again.

The analysis has found that the top five countries where businesses get attacked most are the US (732 cases), UK (74), Canada (62), France (58), and Germany (39). According to Oliver Noble, most ransomware gangs come from the post-Soviet states, which still maintain their unfriendliness towards the US and seek to cause harm to both its private and public sectors. Also, a strong belief that American companies are all wealthy might contribute to the reason they get attacked most.

“Internationally operating law enforcement groups work hard to shut ransomware infrastructure down,” says Oliver Noble. “Just last week it was reported that a joint operation put REvil’s servers offline. However, the Russian Ransomware-as-a-Service gang is expected to re-emerge. Ransomware is no longer what only skilled hackers are capable of. Any paying user, aka affiliate with little technical knowledge, can use the subscription-based model to employ already-developed tools to execute ransomware attacks against businesses.”

Although ransomware attacks are evolving, there are some easy-to-implement cybersecurity tactics to serve your business as a defense:

  • Make sure your employees use strong and unique passwords to connect to your systems. Better yet, implement multi-factor authentication.
  • Secure your email by training your staff to identify signs of phishing, especially when an email contains attachments and links.
  • Implement and enforce periodic data backup and restoration processes. An encrypted cloud might be the most secure solution for this.
  • Adopt zero-trust network access, meaning that every access request to digital resources by a member of staff should be granted only after their identity has been appropriately verified.


Getty Images
Getty Images 1053936332 5e28a3429a5af
Industry Trends

Are Manufacturers an Easy Ransomware Target?

Feb. 3, 2021
Latest study shows industrial environments are more common ransomware targets than any other sector.
© Benjawan Sittidech |
Research and Development

Refuse Ransomware

Sept. 8, 2020
Ransomware is evolving, and so should your security systems.
Industry Trends

Can’t Turn Back Time: Cybersecurity Must Be Dealt With

Jan. 4, 2017
80% of all cyber breaches occur in the supply chain, but too many companies are acting like the problem will fix itself.
woman doing research
Research and Development

Industrial Control Systems Manufacturers Address Cybersecurity Issues

April 22, 2014
Managing the risk of malicious access to ICS products is a shared responsibility that requires ongoing coordination among end-users, systems integrators, and ICS product vendors...