2021 was the year of the ransomware attack – and there’s every indication it will be just as popular in 2022.
The hacker tool, which holds a company’s data or operations hostage, has become one of the fastest growing areas of cybercrime in recent history. This year alone, a ransomware attack takes place every 11 seconds, according to Cybersecurity Ventures. And some of those infiltrations have been big ones: DarkSide’s ransomware attack on Colonial Pipeline saw 100 GB of data stolen and disrupted the petroleum supply chain for much of the East Coast.
Ransomware hackers will cause damages of an estimated $20 billion in 2021, the company adds – a 570% jump from 2015. And by 2031, that number is expected to hit $265 billion per year, with attacks every two seconds.
“Ransomware is the fastest-growing cybercrime for a reason,” says Steve Morgan, founder at Cybersecurity Ventures. “It’s the proverbial get-rich-quick scheme in the minds of hackers.”
No one knows exactly how rich, though. The numbers surrounding ransomware are soft, since many businesses don’t reveal the attacks and the hackers aren’t bragging about them as loudly as they would, say, a DDoS attack. That makes definitive data hard to come by.
Since reporting is spotty, no one is entirely sure just how many businesses are impacted. For instance, according to Mimecast, three in five businesses suffered a ransomware attack, experiencing an average of six days of downtime last year. But Sophos puts the number at 37%, noting it was down from 51% in 2020.
While the overall numbers are a bit squishy, there’s no disagreement among security experts that ransomware is set to explode in the coming year.
“The sophistication and scale of cyber-attacks will continue to break records and we can expect a huge increase in the number of ransomware and mobile attacks,” says Maya Horowitz, VP Research at Check Point Software. “Looking ahead, organizations should remain aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow, the majority of attacks including the most advanced ones.”
Security firm Blackfog, in its 2021 State of Ransomware report, breaks down ransomware attacks by industry, giving some insight into the areas the hackers using that toolset are targeting.
Government agencies are the most popular attack point for cybercriminals. There were 48 publicized attacks in the sector in 2021, as of Dec. 6. Education came in second and, perhaps most disturbingly, healthcare was a very close third.
Here’s a breakdown of reported ransomware attacks this year by sector (with the caveat, once again, that the vast majority go unreported):
Government: 48 attacks
Education: 38 attacks
Healthcare: 35 attacks
Services: 28 attacks
Technology: 28 attacks
Manufacturing: 23 attacks
Retail: 14 attacks
Utilities: 11 attacks
Finance: 10 attacks
Other industries: 24 attacks
The U.S. was far and away the leading target of ransomware attacks, with 134 reported. The U.K., which was second globally, reported just 27.
Not only is the number of attacks on the rise, but those companies that pay to get their data back are often finding there is no honor among thieves. The number of organizations that paid the ransom in 2021 averaged 32%, compared to 26% in 2020. But just 8% of all of the companies that paid the ransom said they got all of their data back.
On average, organizations that paid the ransom got back only 65% of their data, with 29% getting back no more than half their data, says security firm Sophos.