The U.S. is the top target of ransomware attacks, report says
The majority of ransomware attacks worldwide targeted industries that play a "critical role" in domestic and international supply chains, including IT, health care and the public sector, according to new research.
Small businesses face the highest risks of suffering from ransomware in the U.S. and account for nearly two-thirds of all attacks nationwide, according to a new report exploring the global scope of ransomware threats.
The U.S. sees the largest amount of ransomware attacks worldwide and makes up for nearly half (46%) of the more than 5,000 incidents which researchers analyzed for NordLocker's report published on Tuesday. The report noted how the majority of ransomware attacks targeted industries that play a "critical role" in domestic and international supply chains, from manufacturing and construction to information technology, healthcare and the public sector.
While criminals have used ransomware for decades to exploit individuals and businesses for ransom payments, NordLocker Chief Technology Officer Tomas Smalakys said in a press release that the attack method has become "extremely effective" as cases "have grown exponentially" in recent years. A team of researchers with the cloud storage provider reviewed databases containing details about more than 5,200 U.S. and international ransomware incidents from 2020 until January 2022.
NordLocker identified Conti ransomware as the most active form of attacks within the U.S., with Lock Bit, Pysa, REvil and Maze also topping the international list. While small businesses appeared to be the most targeted in the country, facing nearly 65% of all U.S. ransomware incidents, the report said that anyone can find themselves subject to a ransomware attack, including both individuals, companies and the federal government.
Smalakys recommended several steps to mitigate ransomware threats, including a holistic approach to cybersecurity training which includes all employees, adopting zero trust network access and keeping software up to date. And though it can't prevent a ransomware attack, he also recommended maintaining a regular backup process "to restore data immediately" and "guarantee business continuity."
Nation-state cyber power
Separately, Harvard's Belfer Center published its annual Cyber Power Index for 2022 on Tuesday. The report ranks countries by their intent and ability "to pursue multiple objectives using cyber means," including the conduct of surveillance of their own population, foreign intelligence collection, information control at home and abroad, defining cyber norms and standards, building national cybersecurity defense and more.
The United States ranks first on the list, followed in order by China, Russia, the United Kingdom, Australia, Netherlands, South Korea, Vietnam, France and Iran.
In his introduction to the report, Belfer Center co-director Eric Rosenbach noted that "the index does not make value judgments about how states use their cyber power, only that they have demonstrated their capability and intent to use it."