April is the most dangerous month of the year, ransomware report shows
Added: (Fri Apr 21 2023)
Pressbox (Press Release) -
April has been identified as the most dangerous period in terms of ransomware attacks, according to research by NordLocker. Last year, April saw 294 ransomware incidents, the most attacks per month that year. Most of these attacks were carried out against US and German companies, mainly targeting the manufacturing and finance industries.
Ransomware attacks on the rise
The whole of 2022 was a turbulent year for cybersecurity, with ransomware attacks at the forefront. Cybercriminals conducted a significant number of large-scale attacks that caused major financial losses. Last year, 2,263 ransomware attacks were carried out, 896 in the US alone. 128 attacks targeted businesses in the UK, 96 in Germany, 90 in Canada, and 74 in Italy. Nearly 2,000 companies were affected worldwide.
192 companies attacked in one month
Despite the ups and downs of cyber threats over the year, one month was especially harmful — 20 ransomware groups vigorously attacked 192 companies worldwide. Compared to the annual average (188 attacks per month), April was record breaking with 294 ransomware incidents.
Through April of 2022, companies with 11-50 employees were the most affected by cybersecurity breaches, with 80% of cases coming from the private sector, according to NordLocker research.
The manufacturing industry was hit particularly hard, with 26 cyberattacks in April alone. The finance and tech sectors were also heavily targeted, with 19 and 18 breaches respectively. Additionally, the construction, retail, education, and energy sectors were affected by ransomware numerous times during the month.
Twenty ransomware groups were responsible for these attacks, and LockBit and Conti are the most active, responsible for 33.21% and 23.72% of attacks, respectively. In fact, these two Russian-linked gangs are specifically responsible for this peak — April was the month when Conti and LockBit carried most of their attacks per month in 2022.
Businesses can safeguard themselves
Companies that were slow to update their security measures suffered the most damage. At the same time, those who kept up with new developments in the industry were often able to avoid such attacks altogether. Cybersecurity experts predicted a further rise in ransomware in the coming years, though many businesses remain unprepared to face such threats.
With April being such a precarious month for ransomware attacks, it's more important than ever for businesses to take steps now to protect themselves from this growing threat.
"We are continuously encouraging companies to take actions and reduce their chances of becoming victims of cybercrime. In a ransomware attack, companies can find themselves in a challenging situation when faced with a ransomware demand — often having no choice but to pay up or lose access to their data forever," says Darius Borisas, head of business development for NordLocker.
Taking into account that in February, one of the most notorious ransomware groups managed to hit the all time record of their attacks, April is expected to be a high-risk month.
How can businesses protect themselves from ransomware attacks?
Darius Borisas explains that ransomware continues to be one of the biggest threats facing businesses today. Organizations must stay ahead of attackers by implementing effective security measures throughout the year — not just in April.
Below, Darius Borisas outlines easy-to-implement and highly effective cybersecurity practices that require little to no investment.
● Back up and encrypt your files
File backup is a fundamental cybersecurity practice and worth the additional investment because, in the unfortunate case of an attack, you will always have a copy of your files, and the sudden loss won't interfere with your business operations.
However, the most important and confidential files should be encrypted so that no one can access them. Use an encrypted cloud for confidential data storage to avoid accidents and protect your files from prying eyes.
● Adopt zero-trust network access
Every access request to digital resources by a staff member should be granted only after their identity has been appropriately verified.
● Train your employees
Proper knowledge about the most common types of threats is one of the main cornerstones of organizational cybersecurity. Training your employees on how to identify and deal with threats can have a profound impact on your company's cybersecurity.
● Keep your software up to date
Software updates make the experience better, safer, and more efficient and fix security loopholes that protect your data before hackers learn how to exploit those vulnerabilities.
Methodology: Data was collected from publicly available blogs where ransomware gangs post the names of their victims and their demands. The ransomware attacks under investigation all happened during the period between 01/01/2020 to 28/02/2023.
ABOUT NORDLOCKER
NordLocker is the world’s first end-to-end file encryption tool with a private cloud. It was created by the cybersecurity experts behind NordVPN – one of the most advanced VPN service providers in the world. NordLocker is available for Windows and macOS, supports all file types, offers a fast and intuitive interface, and guarantees secure sync between devices. With NordLocker, files are protected from hacking, surveillance, and data collection. For more information: nordlocker.com.