Ransomware Attacks Rise Almost 93% in 2021, According to New Research

Global cyber security and risk mitigation expert NCC Group has revealed that ransomware attacks almost doubled in 2021, rising 92.7% year-on-year, according to its 2021 Annual Threat Monitor.

This builds upon a gradual but noticeable rise in ransomware attacks since the COVID-19 pandemic began, with ransomware accounting for 65.38% of all incidents dealt with by our global cyber incident response team (CIRT) in 2021.

Throughout the year, attacks were most commonly targeted at the public (19.35%) and industrial sectors (19.35%), followed by consumer cyclicals (16.13%).

Compiled by NCC Group’s strategic threat intelligence team, the report details the events of 2021 and their impact on the cyber threat landscape, providing an overview of incidents across all sectors and highlighting global trends.

The insights are based on incidents identified by NCC Group’s global managed detection and response service (MDR) and its global cyber incident response team (CIRT).

Remaining consistent with NCC Group’s monthly threat pulses, the most targeted regions during 2021 were North America and Europe, accounting for 53% and 30% of all attacks respectively. v

NCC Group explained that these regions are densely populated with wealthy organizations, which provides an incentive to threat actors that employ a big-game-hunting methodology. The team has highlighted this as the reason for the concentrated ransomware activity in these areas and have predicted that this trend will likely continue throughout 2022 and beyond.v

Trends that NCC Group identified in 2020, such as surges in specific months of the year, were also seen again in 2021. An observable increase in the number of victims was reported until July, which then dropped off before another surge in August, which the NCC Group team have attributed to seasonal and holiday-related fluctuations in cybercrime activity. This would also explain the continued trend of many threat actors once again postponing their activity for the Christmas period in 2021.

The NCC Group team has proposed that the shift in the quantity of ransomware cases will be permanent and that this trend will continue to develop in 2022.

Rise of Conti Ransomware

The most prevalent threat actor noted in the report was Conti, a Russia-based global threat actor that emerged in 2017.

Conti represented 18% of all attacks across the past two years. In line with the general trends, the industrial sector was Conti’s main target, followed by consumer cyclicals and technology, accounting for 33.1%, 21.5% and 7.4% respectively. Similarly, in line with general trends, North American businesses were top on Conti's list of targets, followed by Europe, with 63.8% and 30.2% of all attacks respectively happening in these regions.

Elsewhere, another notable group that highlighted the changing nature of the vulnerability landscape was the Lockbit threat actor. After a brief hiatus and metamorphosis into Lockbit 2.0 in June 2021, the group became one of the biggest contributors to double extortion ransomware in 2021, accounting for 16.4% of the entire year’s ransomware cases. This contrasts their activity in 2020, in which they were absent from the list of the top 10 threat actors.

Matt Hull, global lead for strategic threat intelligence at NCC Group, commented: “Many of the dangers which we first identified at the start of the pandemic have snowballed in 2021, revealing a developing threat landscape with ransomware attacks on the rise. However, despite many clear developing trends, the re-emergence of Lockbit as a prevalent actor highlights that the vulnerability landscape is still ever-changing.

“We need to remain vigilant for new and changing threats in 2022. It is now more important than ever for organizations to ensure that they are protected from the types of attack we have reported in 2021, especially in consistently targeted sectors such as industrials and consumer cyclicals.”

Featured

  • The Impact of Convergence Between IT and Physical Security

    For years, the worlds of physical security and information technology (IT) remained separate. While they shared common goals and interests, they often worked in silos. Read Now

  • Unlocking Trustworthy AI: Building Transparency in Security Governance

    In situations where AI supports important security tasks like leading investigations and detecting threats and anomalies, transparency is essential. When an incident occurs, investigators must trace the logic behind each automated response to confirm its validity or spot errors. Demanding interpretable AI turns opaque “black boxes” into accountable partners that enhance, rather than compromise, organizational defense. Read Now

  • Seeking Innovative Solutions

    Denial, Anger, Bargaining, Depression and Acceptance. You may recognize these terms as the “5 Phases” of a grieving process, but they could easily describe the phases one goes through before adopting any new or emerging innovation or technology, especially in a highly risk-averse industry like security. However, the desire for convenience in all aspects of modern life is finally beginning to turn the tide from old school hardware as the go-to towards more user-friendly, yet still secure, door solutions. Read Now

  • Where AI Meets Human Judgment

    Artificial intelligence is everywhere these days. It is driving business growth, shaping consumer experiences, and showing up in places most of us never imagined just a few years ago. Read Now

  • Report: Only 44 Percent of Organizations are Fully Equipped to Support Secure AI

    Delinea recently published new research on the impact of artificial intelligence in reshaping identity security. According to the report, “AI in Identity Security Demands a New Playbook,” only 44% of organizations say their security architecture is fully equipped to support secure AI, despite widespread confidence in their current capabilities. Read Now

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.