Royal ransomware is targeting US critical infrastructure

According to new research by NordLocker, American businesses were targeted with nearly half of ransomware attacks between January 2020 and July 2022. This list is comprised of publicly acknowledged ransomware attacks, so while the true impact of ransomware globally is unknown, the research nonetheless is eye-opening. Of 5,200 cases recorded, approximately 2,400 incidents were against the United States.

Interestingly, the ransomware affected small businesses—those with two-200 employees—the most, accounting for 46% of attacks. Businesses in California, Texas, New York and Florida were top geographical targets.

Aside from employee count, NordLocker broke out ransomware cases by industry, and not surprisingly manufacturing was the top target at 436 cases. Construction, Transportation/Logistics, Tech/IT and Healthcare were the top five industries affected, respectively.

As NordLocker researchers explained, ransomware cybercriminal groups are vocal about successfully attacking their targets. They want to exploit and embarrass the target in public as much as possible, so there is little anonymity, if any, in the ransomware cyber crime world.

Lock Bit was responsible for 855 ransomware cases, with Conti not far behind with 796. Conti has been very active recently, targeting all sorts of businesses and government agencies within Ukraine. REvil also nears the top with 284 attributed cases.

Targets by company revenue also revealed interesting statistics. The fewest ransomware attacks were recorded against companies worth between $5-10 billion, but companies with over $10 billion had twice as many cases.

Ransomware remains an enormous problem, with businesses, school districts, and government agencies around the world hit nearly every day. As long as victims keep paying, ransomware cyber criminals will keep targeting.