Ransomware attacks almost doubled in 2021, rising to 92.7% year-over-year, according to NCC Group, a global cyber security and risk mitigation firm.
The firm’s 2021 Annual Threat Monitor shows a gradual but noticeable rise in ransomware attacks since the pandemic began. Ransomware accounted for 65.38% of all incidents dealt with by NCC’s global cyber response team in 2021.
Throughout the year, attacks were most commonly targeted at the public (19.35%) and industrial sectors (19.35%), followed by consumer cyclicals (16.13%).
The most targeted regions for ransomware during 2021 were North America and Europe, accounting for 53% and 30% of all attacks, according to incidents identified by NCC’s global managed detection and response service and its global cyber response team.
NCC says since these regions are densely populated with wealthy organizations, it provides threat actors an incentive to employ big-game hunting. The team also predicts this trend will likely continue throughout 2022 and beyond.
NCC Group also identified ransomware surges specific months out of the year. An increase in the number of victims were reported until July, which then dropped off before another surge in August. These attacks can be attributed to seasonal and holiday-related fluctuations in cybercrime activity.
The Rise of Conti Ransomware
The most prevailing threat actor from 2021 was Conti, representing 18% of all attacks across the past two years, according to the report.
The Russia-based global threat actor that emerged in 2017, noticeably was targeting the industrial sector, followed by consumer cyclicals and technology.
North American businesses were top on Conti’s list of targets, followed by Europe, with 63.8% and 30.2% of all attacks respectively happening in these regions.
The Lockbit threat actors were also another notable group. After a brief hiatus and metamorphosis into Lockbit 2.0 in June 2021, the group became one of the biggest contributors to double extortion ransomware in 2021, accounting for 16.4% of the entire year’s ransomware cases. This contrasts its activity in 2020, in which it was absent from the list of the top 10 threat actors. \
“Many of the dangers which we first identified at the start of the pandemic have snowballed in 2021, revealing a developing threat landscape with ransomware attacks on the rise. However, despite many clear developing trends, the re-emergence of Lockbit as a prevalent actor highlights that the vulnerability landscape is still ever-changing,” said Matt Hull, global lead for strategic threat intelligence at NCC Group in a statement.
“We need to remain vigilant for new and changing threats in 2022. It is now more important than ever for organizations to ensure that they are protected from the types of attack we have reported in 2021, especially in consistently targeted sectors such as industrials and consumer cyclicals,” he said.