We’ve all done it. It may seem like second nature to do a bit of extra work over the weekend, checking a few emails to catch up at home. But aside from the work-life balance drawbacks, something so seemingly simple has the potential for catastrophe.
If you download a file from an unknown sender or accidentally click a bad link, it has the power to halt your entire operation. (Think: taking down every one of your servers or making each piece of employee and client data you store inaccessible.)
Who knew your inbox could be ground zero for such a hostile takeover? Ransomware thieves. That’s who.
According to a 2022 global survey, roughly two in three organisations suffered a ransomware incident in the last year, up 78% over the previous 12 months.
Here’s how organisations across every conceivable industry are bracing themselves and safeguarding against a wave of malicious malware.
Tech Target’s Top 10 Ransomware Victims by Industry
Chris Silva, a Research Vice President on Gartner’s Endpoint and Workspace Security team, explains that “Whether a 500-person company or a 50,000-person company, everybody’s a target. What attackers really seem to be looking at is where they can expect the maximum financial impact.”
These are the industries cybersecurity vendor Sophos says ransomware thieves are tracking as the most profitable:
- Media, entertainment and leisure: Incidents are up 147% in a single year.
- Retail: Half of the 77% of companies impacted paid ransoms to get their proprietary info back.
- Energy and utilities infrastructure: Three in four oil, gas and utilities organisations were impacted – the majority of which paid big to have their operations reinstated.
- Distribution and transport: Aware of how critical this sector is to our globally connected society, cybercriminals are making hundreds of millions off distribution disruption every year.
- Business, professional and legal services: Considered by some to be the most-targeted sector of the moment, these industries often get double burned. Once when their data is stolen, and once when it’s re-posted online.
- Healthcare: Ransomware attacks on this vulnerable industry doubled from 2021 to 2022, with 61% paying ransom demands.
- Higher education: The high attack frequency and month’s long recovery rates have wreaked havoc on universities.
- Construction and property: Even in environments where physical labor drives much of the industry, 63% of these businesses still suffered ransomware attacks.
- IT, technology and telecoms: Attackers are targeting everything from computer manufacturers to backup storage providers, with MSPs experiencing extra unwanted attention.
- Central and federal government: 60% of global central government organisations sustained ransomware attacks in 2022, a 50% increase from the previous year.
2023’s Best Ransomware Defense Moves
Ransomware groups are on the rise, with listings from initial access brokers (IABs) increasing 58% between 2021 and 2022, according to ReliaQuest.
Don’t want your sensitive company data to end up being extorted and put up for sale? Try taking one of these positions in your defense landscape:
- Focus on mitigation. No amount of protection will ever bring your risk of a ransomware attack down to zero. But the better you can spot and contain one, the more likely you are to prevent extortion.
- Layer your defenses. The depth of your defense matters. Make sure multiple security measures are put in place to detect and protect across your entire network.
- Get security software. Investing in a security operations platform can help you gain more oversight and resources to help in the event of an attack.
Ransomware isn’t just profitable, and it’s a booming industry. For other sectors on this list, take note and get your guardrails in place – or pay the price.