Ransomware has been described as a global epidemic, and the research highlights the most affected countries, industries, and ransomware groups.
Among the five countries most affected by ransomware, the U.S., Canada, United Kingdom, France, and Germany topped the list. The U.S. manufacturing and construction industries were hardest hit.
U.S. organizations accounted for almost 2,400 of the 5,200 cases recorded on ransomware groups' websites. In California, Texas, Florida, and New York, businesses suffered the greatest number of ransomware attacks, but Michigan businesses were worst hit when adjusted by how many businesses each state has.
During this period, small and mid-sized businesses with two to 200 employees suffered the most attacks, accounting for 46% of all ransomware attacks.
Industry sectors hit hardest by ransomware include manufacturing and construction.
Sector-specific ransomware cases, January 2020 to July 2022.
Nearly one-third of all ransomware attacks were attributed to two ransomware groups, LockBit and Conti. LockBit was responsible for 855 attacks, or 16% of all attacks, followed by Conti with 796 attacks, or 15%.
A recent attack on cybersecurity vendor Entrust was deemed to be the work of LockBit, which most recently claimed responsibility.
Following a $15 million reward offered by the State Department for information about Conti's leadership, and an FBI report describing Conti ransomware as the "costliest strain of ransomware ever documented," Conti shut down key pieces of its infrastructure in May. It is possible that the Conti brand has been discontinued, but members are reviving it, and it may reappear under a new name when members reorganize the group.