One country—the United States—accounts for 46% of all ransomware attacks, a sobering statistic revealed in a new report from NordLocker, a European cybersecurity provider.
Yet, within the 50 states, not all have the same propensity for the nefarious attacks, says NordLocker, which analyzed multiple databases of ransomware incidents that affected more than 5,000 companies globally. The report was released Tuesday.
Ransomware, a form of malware that targets both human and technical weaknesses to make critical data or systems inaccessible, is notorious for creating problems. Financial-services companies are often targeted, but in the NordLocker report the construction industry accounts for 12% of U.S. attacks, the highest percentage. It was followed by manufacturing, 9.6%; transportation, 8.2%; health care, 7.8%; and technology/IT, 7.6%.
“Ransomware gangs usually decide who their next target is based on two criteria. The first one is how likely the targeted company is to pay up, which is weighed by looking at variables such as the company’s importance in supply chains, the quantity of confidential information that it handles, and other factors that, in the case of an attack, put pressure on the company to get operations back up and running,” Tomas Smalakys, NordLocker chief technology officer, says in a statement.
“The second criterion is more straightforward and primarily deals with the depth of the company’s pockets and how lacking in cyber defenses their business is. When you look at the data through this lens, you see why certain industries are more affected than others,” Smalakys adds.
And while a common assumption may be that larger companies are targeted more often, perhaps because they could afford to pay larger bounties, NordLocker’s analysis shows that companies of 1,000 or more employees account for just 8% of ransomware attacks. Smaller companies tend to bear the brunt of the attacks. Companies of no more than 10 employees were attacked in 14.5% of cases. Companies of between 11 and 50 employees accounted for 22.4% of attacks. Those with between 51 and 200 personnel tallied 28.9% of all U.S. attacks, and companies with 201 to 500 employees accounted for 15.6%.
Smalakys says small businesses are more apt to be attacked because cybersecurity “is often an afterthought.” “Smaller companies justifiably prioritize growing their operation, leaving cybersecurity on the sidelines. This, combined with the usually thin profit margins small businesses endure, makes them not only easy to hack but very likely to pay up as well because they do not have the funds to sustain a prolonged halt to operations,” he says.
NordLocker’s research also found that attack rates can vary widely by state, with Michigan the most affected at 38.2 attacks per 100,000 companies. Missouri was the least affected, at 1.8 attacks per 100,000 companies.