More than 43 percent of reported incidents happened in the United States.
Global ransomware attacks are on the rise, according to a report issued by Malwarebytes. The study shows a massive surge from July 2022 to June 2023, with the United States bearing the brunt of these attacks. The organization noted that of the 1,900 reported ransomware attacks collected, over 43 percent originate in the U.S, an increase of 75 percent from last year’s findings.
Germany, France and the UK also experienced an uptick in deployed ransomware, but at a lower rate than the United States. The report details 48 separate ransomware groups that attacked American companies, governmental organizations and garden variety consumers during the aforementioned time period. Even worse? Healthcare and educational institutions were disproportionately impacted. For instance, dental insurer Managed Care of North America (MCNA) experienced a breach back in March and the New York City Department of Education was hit in June.
It’s worth noting that the study conducted by Malwarebytes shows only reported incidents, so the actual number of attacks could be much higher than 1,900. The whole point of a ransomware attack is to, well, exact a ransom, so some organizations make the payout and keep things quiet.
What exactly is a ransomware attack? It’s malware expressly designed to deny users and organizations access to files on a computer. The software locks everything up tight and when you pay the ransom, you receive a decryption key to regain access to the files. It’s a digital shakedown.
The biggest global offender is a ransomware gang called Clop, long-suspected to have ties to Russia. The criminal organization has evolved in the past year, capitalizing on zero-day software vulnerabilities to amp up the scope of its attacks. Back in June, the group took advantage of one of these vulnerabilities in enterprise file transfer software to breach the servers of hundreds of companies, including the largest US pension fund.
Malwarebytes says this transition to zero-day software exploits, instead of phishing emails and virus-laden downloads, could “signal a change in the game” and explain the increase in reported incidents.
As for the rest of the world, France’s numbers doubled in the past year, with a disproportionate number of attacks levied at governmental institutions. The UK experienced 200 attacks from 32 separate groups with an alarming uptick in frequency. Last year, the country reported a single ransomware attack per month. In this most recent year, it was eight per month.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.