Is Your Business A Target? Top 10 Ransomware Targets in 2023

June 1, 2023

We’ve all done it. It may seem like second nature to do a bit of extra work over the weekend, checking a few emails to catch up at home. But aside from the work-life balance drawbacks, something so seemingly simple has the potential for catastrophe.

If you download a file from an unknown sender or accidentally click a bad link, it has the power to halt your entire operation. (Think: taking down every one of your servers or making each piece of employee and client data you store inaccessible.)

Who knew your inbox could be ground zero for such a hostile takeover? Ransomware thieves. That’s who.

According to a 2022 global survey, roughly two in three organisations suffered a ransomware incident in the last year, up 78% over the previous 12 months.

Here’s how organisations across every conceivable industry are bracing themselves and safeguarding against a wave of malicious malware.


Tech Target’s Top 10 Ransomware Victims by Industry

Chris Silva, a Research Vice President on Gartner’s Endpoint and Workspace Security team, explains that “Whether a 500-person company or a 50,000-person company, everybody’s a target. What attackers really seem to be looking at is where they can expect the maximum financial impact.”

These are the industries cybersecurity vendor Sophos says ransomware thieves are tracking as the most profitable:

1. Media, entertainment, and leisure: Incidents are up 147% in a single year.

2. Retail: Half of the 77% of companies impacted paid ransoms to get their proprietary info back.

3. Energy and utilities infrastructure: Three in four oil, gas, and utilities organisations were impacted – the majority of which paid big to have their operations reinstated.

4. Distribution and transport: Aware of how critical this sector is to our globally connected society, cybercriminals are making hundreds of millions off distribution disruption every year.

5. Business, professional, and legal services: Considered by some to be the most-targeted sector of the moment, these industries often get double burned. Once when their data is stolen, and once when it’s re-posted online.

6. Healthcare: Ransomware attacks on this vulnerable industry doubled from 2021 to 2022, with 61% paying ransom demands.

7. Higher education: The high attack frequency and month-long recovery rates have wreaked havoc on universities.

8. Construction and property: Even in environments where physical labor drives much of the industry, 63% of these businesses still suffered ransomware attacks.

9. IT, technology, and telecoms: Attackers are targeting everything from computer manufacturers to backup storage providers, with MSPs experiencing extra unwanted attention.

10. Central and federal government: 60% of global central government organisations sustained ransomware attacks in 2022, a 50% increase from the previous year.


2023’s Best Ransomware Defense Moves

Ransomware groups are on the rise, with listings from initial access brokers (IABs) increasing 58% between 2021 and 2022, according to ReliaQuest.

Don’t want your sensitive company data to end up being extorted and put up for sale? Try taking one of these positions in your defense landscape:

  • Focus on mitigation. No amount of protection will ever bring your risk of a ransomware attack down to zero. But the better you can spot and contain one, the more likely you are to prevent extortion.
  • Use strong passwords and two-factor authentication. Passwords are often the weakest link in any defense against ransomware, so make sure they’re as secure as possible. Strong passwords should have at least 10 characters including upper- and lower-case letters, numbers, and special characters. Additionally, using two-factor authentication (2FA) adds an extra layer of security to your accounts by requiring you to enter a code sent to your phone or email every time you log in.
  • Enhance Endpoint Security. Endpoint protection works via a combination of network and device-level defences. At the network level, the organization may restrict access to the enterprise network based on a device’s compliance with corporate security policies and the least privilege. By blocking insecure devices from accessing the corporate network and sensitive resources, the organization restricts its attack surface and enforces its security policies. To learn more about how endpoint security works, check this out!
  • Backup your data. If you get attacked by ransomware but have backups of your files, there’s not going to be a point for malicious threat actors to blackmail you. This way, you can avoid paying the ransom.
  • Layer your defenses. The depth of your defense matters. Make sure multiple security measures are put in place to detect and protect your entire network.
  • Get security software. Investing in a security operations platform can help you gain more oversight and resources to help in the event of an attack.
  • Security awareness training for all employees. This will help organizations guard against an ever-evolving array of threats. Teach employees how to spot signs of ransomware, such as emails designed to look like they are from authentic businesses, suspicious external links, and questionable file attachments.

Ransomware isn’t just profitable, it’s a booming industry. For other sectors on this list, take note and get your guardrails in place – or pay the price.

Share article

Sign up to our newsletter