US becomes ransomware capital of the world as attacks rise by almost 150 percent

Using proprietary data, as well as samples and information collected from the wider internet, Zscaler’s researchers determined that 50% of all ransomware attacks in the last year happened in the United States, “significantly outpacing” Canada (5%) and the UK (4%).

Even when you combine all the attacks reported across the top 15 most-targeted countries, there are fewer than 3,671 that were reported in the US.

Stealing without encrypting

The number of attacks is also increasing. Year-on-year, it is up by 146% in the US, with manufacturing (1,063), technology (922), and healthcare (672) being the most-targeted industries, mostly for the potential for operational disruption, the sensitive of the stolen data, and the risk of regulatory pressure and reputational damage. Companies in the oil and gas sector saw a “staggering” increase in ransomware attacks - 900% year-on-year.

Zscaler also said that ransomware actors are increasingly abandoning the encryption part of the attack, and are focusing solely on data theft. In the last year, 10 of the biggest ransomware groups exfiltrated 238 TB of data, up 92% from last year’s 123 TB.

Right now, the biggest names in the ransomware space are RansomHub (833 victims), Akira (520), and Clop (488), but the number of threat actors is also rising. In the last year alone, the researchers identified 34 newly active ransomware families, bringing the total number up to 425.

Ransomware “flourishes” in environments with fragmented security, limited visibility, implicit trust, and outdated legacy architectures, Zscaler stresses, urging businesses to mitigate these threats by adopting a cloud-native, AI-driven, zero-trust architecture.

You might also like

• US Authorities Issue RansomHub Ransomware Alert
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers