In a recent survey conducted by cybersecurity vendor Sophos, it was revealed that around two in three organizations have suffered a ransomware incident in the past year. One of the hardest-hit sectors was education, with four in five organizations in the sector reporting attacks. However, experts caution that no industry is immune to the threat of ransomware.
The education sector has been particularly vulnerable to ransomware attacks, with 80% of elementary, middle, and high schools, as well as 79% of higher education institutions, reporting attacks. These attacks have had a significant impact on the sector, with many organizations losing business or revenue as a result. One notable example is the Los Angeles Unified School District, which was targeted by the ransomware gang Vice Society. When the district refused to pay the ransom demand, the operators leaked 500 GB of stolen data on the dark web.
The construction and property sector has also experienced a significant increase in ransomware attacks in recent years. In 2023, 71% of businesses in this sector reported attacks, marking a 129% increase in just two years. These attacks have resulted in considerable financial losses for many organizations in the sector. Real estate investment firm Marcus & Millichap disclosed in late 2021 that it had experienced a cybersecurity attack, believed to be the work of the BlackMatter ransomware gang.
Central and federal government organizations have also been frequent targets of ransomware attacks. Seventy percent of central government organizations globally reported attacks in the past year. One notable incident involved the Conti gang launching a ransomware attack on the central government of Costa Rica, leading the country’s president to declare a national state of emergency. In another high-profile attack, Ireland’s national health service fell victim to ransomware, causing a shutdown of all hospital IT systems and disrupting patient care.
The media, entertainment, and leisure sector has consistently remained a top target for ransomware attacks. In 2023, 70% of organizations in this sector reported attacks. Many of these incidents were caused by exploited vulnerabilities, highlighting widespread security gaps within the industry. Book publisher Macmillan Publishers had to take all of its IT systems offline following a cyber attack, halting book orders. Other victims include Cox Media Group and Sinclair Broadcast Group, which experienced operational disruptions due to confirmed ransomware attacks.
Local and state government organizations have also not been spared from ransomware attacks, with 69% reporting incidents in the past year. These attacks have had significant consequences, such as the ransomware attack on Suffolk County, NY, which forced the county to take all its systems offline and compromised emergency services. More recently, the City of Dallas experienced a ransomware attack that disrupted multiple services, including emergency response.
The retail sector has also been heavily targeted by ransomware attacks, with 69% of organizations in the sector reporting incidents. While this represents a slight improvement from the previous year, it shows that the sector remains vulnerable. British retailer FatFace had to pay a ransom to the Conti gang to recover company data, while a ransomware supply chain attack on software provider Kaseya affected as many as 1,500 businesses, including Swedish grocery store chain Coop.
The energy and utilities infrastructure sector has also been a popular target for ransomware attacks, with 67% of organizations reporting incidents. These attacks can cause significant damage and disruption, making the sector particularly attractive to cybercriminals. One of the most well-known attacks in this sector was the DarkSide gang’s attack on Colonial Pipeline Co., which disrupted the fuel supply on the US East Coast for several days.
The distribution and transport sector has also suffered from ransomware attacks, with two out of three companies reporting incidents. Organizations in this sector have long been seen as attractive targets for cybercriminals. Danish shipping giant Maersk experienced a notorious attack almost a decade ago that cost the company up to $300 million in lost revenue. More recently, German fuel logistics firm OilTanking was hit by ransomware, disrupting deliveries to around 200 gas stations.
The financial services sector has also been a prime target for ransomware attacks. While there is some good news for this sector, with the overall attack rate dropping by 4 percentage points from the previous year, it is still a significant concern. Ransomware attacks pose a significant threat to financial institutions and the sensitive data they hold.
Overall, it is clear that no industry is safe from the threat of ransomware. Cybercriminals are primarily motivated by financial gain and will target any organization they believe will yield the highest returns. It is crucial for organizations to invest in robust cybersecurity measures to protect themselves from these attacks and mitigate the potential damage they can cause.