The industrial goods and services sector has been the most heavily targeted with ransomware attacks so far this year, according to new data that put the industry in the top spot for the third quarter of 2021.
Ransomware operators targeted a more diverse range of sectors in the third quarter, report the Digital Shadows researchers who shared the data. While industrial goods and services was still the most targeted, the number of attacks dropped 42% compared to the second quarter of 2021. Attacks against healthcare also saw a notable decrease (31.8%); attacks against the tech sector went up 29.8%.
North America has a common target for ransomware activity "likely because threat actors have been successful in receiving large ransom payments from the region in previous campaigns," the researchers wrote in a blog post. The US continued to be the most targeted, followed by Canada. Of all the ransomware victims name to data leak sites in the third quarter, 47% were organizations based in either country.
Looking ahead, researchers point to issues related to data-leak sites that have been seen in the past few months. Many ransomware groups face challenges in managing data leak sites and hosting data on the Dark Web for download, leading to some groups exposing data on public file-sharing websites. Data-leak sites may also leave ransomware groups vulnerable to attacks.
"As Q4 comes near, it will be interesting to see if issues relating to managing data leak sites will discourage new ransomware groups to continue to pursue the path of data-leak sites, or what creative solutions they will create to work around these issues," researchers write.
Read more details here.