Industrial companies remain the best ransomware destinations because attacks become more demanding and harmful to the critical infrastructure.
Ransomware groups have developed into billion dollar operations that aim at a critical infrastructure in several countries and use increasingly demanding extortion systems. Between 2020 and 2022, more than 865 documented attacks were recorded in Australia, Canada, New Zealand and Great Britain.
Criminals have escalated from simple encryption to double and triple pressing and threaten to violate stolen data as an additional leverage. The attack vectors include phishing, botnets and unpatched defects. As soon as attackers come inside, secret tools are used to exist and spread.
Blacksuit, formerly known as Conti, led to 141 attacks, followed by Lockbits 129. Ransomware-a-service groups achieved higher volumes by dividing the developers of partners, dealing with violations and negotiations.
Industrial goals carried the main load with 239 attacks on manufacturing and construction products. The sectors of consumer goods, real estate, financial services and technology were also an outstanding role. Analysts find that industrial companies are often under pressure in quick ransom payments in order to restore production.
Experts warn that today's ransomware combines the encryption of military quality with advanced education and backup stargeting and increases the missions for defense lawyers. The scale of the activity underlines how resilient these groups remain and quickly adapts to the law enforcement authorities and the shift in market opportunities.
Would you like to learn more about AI, technology and digital diplomacy? If yes, Ask our diplo chat bot!