Feb 20, 2024 - Technology

Ransomware hackers focus on North America, Europe

Illustration of a mouse in a bear trap

Illustration: Sarah Grillo/Axios

Ransomware primarily targeted organizations in North America and Europe last year, according to a report released by critical infrastructure security company Dragos.

Why it matters: Ransomware is widely considered a global threat that doesn't discriminate based on where a company or organization is based.

By the numbers: 44% of all ransomware attacks that hit industrial organizations in 2023 were in North America.

  • 32% targeted European critical infrastructure organizations.
  • Other regions had dramatically different shares: 13% of ransomware attacks targeted Asian organizations, and 5% targeted those in South America.

The big picture: Overall, ransomware attacks against industrial organizations increased roughly 50% last year to 905 from about 600 cases in 2022.

  • Dragos also tracked roughly 50 ransomware gangs that were involved in these attacks — an increase of 28% last year.

What they're saying: "A couple of years ago, there was a big focus in the U.S. government and elsewhere on ransomware groups, and then it kind of fell off," Dragos CEO Robert M. Lee told reporters during a briefing.

  • "It gave the perception to the public that that falling off meant that we had this problem under control, and that's not the case."

Yes, but: One in four ransomware attacks relies on the same LockBit malware strain, meaning defenders need to focus only on a handful of remedies to protect against many attacks.

Go deeper