Missouri has the lowest incidence of ransomware attacks in the nation, with 1.8 per 100,000 companies. Kansas is a much more frequent target, with 21.7 attacks per 100,000 businesses. Overall, the United States leads the world in ransomware attacks, according to new research from NordLocker.
The research was conducted to discover which companies are at the highest risk of being targeted by ransomware. Apart from the geographic variable, researchers looked at factors such as which ransomware groups are the most active, the most affected industries, company revenue and employee count.
“Ransomware is a type of cyberattack that forces a company’s operations to a halt by taking possession of its most crucial and sensitive files and demanding a ransom from the company to get the data back,” said Tomas Smalakys, chief technology officer for NordLocker.
“This type of attack is extremely effective. In the past few years, cases have grown exponentially, while cybersecurity awareness has failed to catch up.”
Out of 18 industries studied, construction (12 percent of all attacks), manufacturing (9.6 percent), transportation (8.2 percent), health care (7.8 percent) and tech/IT (7.6 percent) industries are the most likely to be hit by ransomware in the United States.
“Ransomware gangs usually decide who their next target is based on two criteria,” Smalakys said. “The first one is how likely the targeted company is to pay up, which is weighed by looking at variables such as the company’s importance in supply chains, the quantity of confidential information that it handles and other factors that, in the case of an attack, put pressure on the company to get operations back up and running. The second criterion is more straightforward and primarily deals with the depth of the company’s pockets and how lacking in cyber defenses their business is.”
Businesses can take several actions to protect themselves:
- Encourage cybersecurity training. Investing into your employee’s knowledge is one of the fastest ways to prevent ransomware. It should be organized regularly and have a holistic approach that covers every employee
- Ensure a regular backup process. Backups can’t stop cyberattacks, but they give the company leverage. Even if a company becomes a target for ransomware, the ability to restore data immediately will guarantee business continuity.
- Keep software up to date. Most cyberattacks either use social engineering to exploit the flaws in human nature or malware utilizing outdated software. Make sure everyone at the company understands how important it is to keep software up to date.
- Adopt zero-trust network access, meaning that every access request to digital resources by a staff member should be granted only after their identity has been appropriately verified.
–Dwight Widaman | Metro Voice