An analysis of the publicly-accessible data on ransomware attacks shows that these sectors that were a primary target of ransomware in 2021 continued as targets in 2022 to the same degree.
While there are a few attempts that exist to consolidate attack data, many cases are often overlooked because the only details about an experienced attack are, perhaps, available in disclosure statements, press reports, the dark web, and third-party information feeds. But that’s exactly where security vendor Emisoft went to gather intel on all available ransomware attacks.
In their The State of Ransomware in the US: Report and Statistics 2022, they report on all data available (which makes the results of their analysis represent the minimum possible number of attacks, as we can only assume there were more that either weren’t found my Emisoft or weren’t disclosed publicly).
According to their analysis, the same top industries were victims of ransomware attacks in nearly equivalent numbers:
- 106 local governments
- 44 universities and colleges
- 45 school districts operating 1,981 schools
- 25 healthcare providers operating 290 hospitals
Emisoft expect this focus to continue, if nothing is done to shore up the security in these sectors. They also mention it may be time to retire the term “ransomware” in light of the shift to data extortion being the focus instead of encryption.
In either case, threat actors need access to corporate networks and continue to leverage vulnerabilities, remote access, and phishing as primary attack vectors – the last, of which, can be materially reduced through Security Awareness Training.