2021 ransomware attack report
By |Published On: January 13th, 2022|2 min read|Categories: Ransomware, Research|

In 2020 and 2021 BlackFog measured publicly disclosed attacks globally. The 2021 ransomware attack report summarizes these findings and highlights the key trends as we enter 2022.

In 2021 there were a record total of 292 reported ransomware attacks, representing an increase of 17% year over year. Of these attacks more than 80% involved data exfiltration in some form with records disclosed on the Dark Web, websites and directly to the victims. Of those, 1 out of 3 utilized Botnets and 2/3 illegal networks. We also saw 80% of ransomware utilize PowerShell to infect victims.

BlackFog Ransomware Report

Register to get our annual report as a PDF

2021 ransomware report summary

Geographically the United States continue to dominate these attacks with over 51%, followed by the UK with 10%, Canada 5% and France and Australia 3%. The top 3 countries represented 2 out of every 3 attacks. In addition, 1 out of every 3 attacks exfiltrated data to China or Russia (16% and 12% respectively).

2021 ransomware report geography

At an organizational level we saw a continued trend to focus on small to medium enterprises in the last 4 months of the year, with the average size organization of 8,300 employees. In 2021 we also saw the average size of the target organization decrease by 31% to an average of 15,581 employees compared to 2020.

In 2021 we saw the biggest increase in ransomware in the retail sector with 100% growth. This was followed by an 89% increase in technology, 30% increase in healthcare, and 24% increase in government over 2020 numbers.

2021 ransomware report organization

Ransomware continues to see new variants and 2021 was no exception. With the success of the Colonial Pipeline attack we saw REvil dominate the landscape early and finish the year with the highest number of victims, representing 17.5% of all attacks. The latter half of the year saw a massive increase in the number of attacks from Conti, which finished the year at 16.8% of all variants, and an increase of 228% over 2020. On the positive side we saw the virtual elimination of some variants such as Ryuk, Maze Nefilim and a 160% decrease in DoppelPaymer.

2021 ransomware report variants

BlackFog has also made a number of predictions for 2022 so we shall see how these play out through the year. We are also seeing a continued increase in publicized attacks only a couple of weeks into the new year.

Share This Story, Choose Your Platform!

Related Posts

  • Big Game Hunting Rise

Big Game Hunting is on the Rise in Cybercrime

October 9th, 2024|

Big game hunting in cybercrime refers to attacks where cybercriminals target large organizations with the goal of demanding hefty ransoms. This article explores the tactics used in these attacks, provides real-world examples, and explains why this form of cybercrime is becoming increasingly common.

  • How ADX is implemented by BlackFog

TAG Blog Series 3 – How ADX is Integrated by BlackFog

September 30th, 2024|

Integrating Anti Data Exfiltration (ADX) solutions is essential for enterprise cybersecurity. This article examines how BlackFog's ADX enhances existing technologies by focusing on prevention and the shift-left paradigm. It illustrates ADX's effectiveness against ransomware and its support for modern managed security service providers, demonstrating how ADX integration creates a comprehensive security solution.

  • Data Exfiltration Extortion

Data Exfiltration Extortion Now Averages $5.21 Million According to IBM’s Report

September 23rd, 2024|

According to IBM's 2024 Data Breach Report, the financial toll of data exfiltration extortion has surged, with the average cost now reaching $5.21 million per incident. This alarming trend highlights the growing sophistication of cybercriminals and the increasing financial risks organizations face when sensitive data is compromised. As data breaches continue to escalate, businesses must prioritize robust cybersecurity measures to mitigate these costly threats.