Reasons why we see more ransomware attacks than ever before

Reasons why we see more ransomware attacks than ever before

Cybersecurity specialists have noted several worrying trends over the past year, with ransomware being one of the most. Admittedly, this is far from a new problem, but it is now more common than ever. Each month of Q2 2021 set a new record for ransomware attempts, contributing to a 151% year-over-year increase compared to 2020.

Cyberattacks have increased over the past year, but ransomware attacks are outpacing other forms. For example, malware dropped by 24% in the same time period that ransomware more than doubled. Ransomware is driving the increase in cyberattacks overall, not the other way around.

This substantial uptick is not the result of a single trend, but of many factors combined. Here are five of the most important.

1. Willingness to pay is increasing

One of the strongest drivers of this recent ransomware trend is an increased likelihood of success. Today, many companies are willing to pay the ransom to get their data back rather than risk losing it in an attempt to recover it. In this same year, 32% of attacked organizations paid the ransom, compared to 26% in 2020.

This increasing willingness to pay encourages cybercriminals to attempt more attacks and demand higher ransoms. Receiving a ransom is the easiest way for these criminals to profit, as selling stolen data requires more steps and less is likely to be paid.

2. Cybercriminals have more motivation

The details of this increase in ransomware indicate some of its main causes. In particular, these attacks did not increase evenly across verticals. While ransomware overall increased by 151% in 1H2021, attacks on government targets increased by 917%, and attacks on education and healthcare increased by 615% and 594%, respectively.

This uneven distribution reflects the two main motivations for ransomware: politics and money. Rising international tensions have led to more politically motivated attacks, as indicated by the upward trend in government-targeted attacks. Similarly, increased digitization in companies that handle sensitive data, such as education and healthcare, gives hackers a greater financial motivation.

3. New vulnerable targets are emerging

The rapid digitization of the world since the COVID-19 pandemic has also presented cybercriminals with new targets. Industries and companies new to digital technologies are less likely to have sufficient cybersecurity, making them easier targets. Similarly, many of these companies handle sensitive data that hackers can now steal and encrypt amid hasty digitization.

Attacks against healthcare companies, especially those traditionally less digitized, highlight this trend. A ransomware attack hit 110 nursing homes and demanded a $14 million ransom. The facilities, which were not equipped to deal with the problem, had to revert to paper-and-pencil patient records. These companies are vulnerable and newly susceptible to ransomware, which attracts more attacks.

4. Cryptocurrencies enable anonymous transactions.

A less obvious factor behind this ransomware trend is the growing popularity of cryptocurrencies. Although crypto transactions leave permanent records, personal information remains anonymous, providing an ideal payment process for hackers. Cybercriminals can demand your ransom in bitcoin or another cryptocurrency to prevent anyone from tracing the transaction back to them.

Active bitcoin addresses have doubled since the early 2020s, and adoption now outpaces the growth of internet users. As cryptocurrencies have become more popular, it is easier for people to buy and send them, making ransomware more feasible. The more people use these services, the more likely hackers are to get a successful payout.

5. Ransomware as a service is growing

Ransomware is also on the rise because it is becoming easier to do. There has been a dramatic increase in “off-the-shelf” ransomware tools, allowing more people to carry out these attacks. Criminals with little or no technical expertise can now profit from ransomware, thanks to ransomware-as-a-service programs.

Many hackers found themselves with more free time in the midst of the pandemic. As a result, some developed off-the-shelf ransomware packages, while others bought and used them. As ransomware continues to make more profit, the demand for these tools will increase, leading to even more attacks.

Businesses must protect themselves against ransomware

The socio-political, technical and cultural changes of the past year have created a perfect storm for the birth of this growing ransomware movement. We at redborder believe it is important for businesses to be aware of these factors in order to understand the severity of the situation. Failure to recognize the importance of this threat could result in very poor security.

Protection against ransomware is more critical than ever. In light of this threat, companies must stay on top of developing cyber attack trends and ensure they have the latest cybersecurity tools.

Share this post

About our cybersecurity solution!


Redborder is a Big Data solution for network visibility, data analysis and cybersecurity fully scalable according to the needs of the network infrastructure of each company
or Service Provider.

NDR Solution

Scalable and modular

On premise or cloud

Desktop, Ios/ Android