A new report shows the United States suffers more ransomware attacks than any other country in the world.
The analysis from cloud platform NordLocker is based on data collected from multiple publicly available online blogs where ransomware groups had posted the names of their victims and their demands. This yielded a sample of 5,212 recorded cases worth $4.15 trillion of collective revenue of targeted companies, affecting more than 12 million employees.
The data shows that the U.S. accounts for 46% of all reported ransomware attacks. Within the U.S., the states of California, Texas, Florida and New York have seen the most attacks in terms of numbers, but when adjusting the attack rate by the number of businesses active in the state, the state most vulnerable to ransomware is Michigan. The states that experienced the fewest such attacks were Missouri and South Dakota.
The U.S. manufacturing sector was the most frequent target for such attacks, followed in order by construction, transportation/logistics, IT, technology, health care. Finance/insurance came in sixth.
The analysis was also able to track who the biggest culprits are. It was noted that, unlike many criminal organizations, malware syndicates are quite open about their operations, as having a fearsome reputation encourages people to just give them the money versus trying to fight. The two biggest groups by far in terms of number of attacks are Lock Bit and Conti.
In its report, NordLocker encouraged people to take cybersecurity training, pay extra attention to email (especially attachments), introduce better security tools, nurture a culture of support, assess their current security, create a disaster recovery plan, ensure a regular backup process, keep software up to date and, if possible, never pay the attackers.
The report said the No. 2 country for ransomware attacks was Canada, followed by the U.K., France, and Germany.