Ransomware hackers focus on North America, Europe
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Sarah Grillo/Axios
Ransomware primarily targeted organizations in North America and Europe last year, according to a report released by critical infrastructure security company Dragos.
Why it matters: Ransomware is widely considered a global threat that doesn't discriminate based on where a company or organization is based.
- But Dragos' new data turns that narrative on its head — and explains why the U.S. and the European Union continue to take the lead on international ransomware crackdowns.
By the numbers: 44% of all ransomware attacks that hit industrial organizations in 2023 were in North America.
- 32% targeted European critical infrastructure organizations.
- Other regions had dramatically different shares: 13% of ransomware attacks targeted Asian organizations, and 5% targeted those in South America.
The big picture: Overall, ransomware attacks against industrial organizations increased roughly 50% last year to 905 from about 600 cases in 2022.
- Dragos also tracked roughly 50 ransomware gangs that were involved in these attacks — an increase of 28% last year.
What they're saying: "A couple of years ago, there was a big focus in the U.S. government and elsewhere on ransomware groups, and then it kind of fell off," Dragos CEO Robert M. Lee told reporters during a briefing.
- "It gave the perception to the public that that falling off meant that we had this problem under control, and that's not the case."
Yes, but: One in four ransomware attacks relies on the same LockBit malware strain, meaning defenders need to focus only on a handful of remedies to protect against many attacks.
