Ransomware gangs are losing interest in US firms

malware
(Image credit: Elchinator from Pixabay)

Ransomware operators are now concentrating their efforts on specific regions and specific industries, as the US loses its appeal.

This is according to a new report from NordLocker, which states that while companies in the US are still the number one target for ransomware gangs, other regions are growing increasingly popular.

By analyzing publicly available data on ransomware attacks that occurred between 2020 and 2023, the researchers found that in 2022, American businesses suffered 876 attacks, down from 1,237 in the year before. 

Finance companies under attack

While it might seem as if ransomware gangs are casting a wider net, they’re actually concentrating their efforts. In 2021, firms in 102 countries were targeted with ransomware, dropping to 91 countries last year.

There were also changes among the most popular industries targeted. While in 2021, manufacturing was the most popular industry with 223 attacks, last year construction was the most popular with 142 attacks. 

Overall, the number of ransomware attacks worldwide decreased between 2021 and 2022, from 2,702 to 2,257.

“We've noticed that finance companies have become increasingly worried about their cybersecurity. Companies are noticing an increase in cyberattacks in this sector," says Aivaras Vencevičius, head of product for NordLocker.

But despite manufacturing and construction taking the limelight, it’s the financial sector that’s quickly becoming the biggest target. In 2021, financial companies were only the sixth most attacked sector, but climbed up to second-placed by 2022. 

The most active ransomware group last year was LockBit, engaging in a total of 723 attacks worldwide, and dethroning the infamous Conti. In 2021 Conti, believed to be affiliated with Russia, was the most active group with 445 attacks all over the world. 

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.