25% of All Global Ransomware Attacks Directed at US

Cybersecurity firm BitDefender's analysis of attacks that took place in November 2021 shows the US is most targeted country.
Aaron Drapkin

One quarter of all ransomware attacks that took place in November 2021 were targeted at people living in the United States, a recent report has revealed. 

The news that American businesses and consumers are being hit more frequently than other countries means it’s of utmost importance that US residents have antivirus software and other cybersecurity tools installed. 

The figures are all the more concerning considering that security teams have been scrambling to patch a Log4J vulnerability – a huge flaw in a logging library present in systems used by hundreds of millions of people – discovered just a few weeks ago. 

Ransom… Where? The Countries Most Affected

BitDefender, who authored the report, analyzed all malware detected by its static anti-malware engines.

The cybersecurity company chose to focus on the volume of ransomware attacks, rather than “how monetarily significant the impact of the infection is.”

“Spear phishing attacks are often used as an initial attack vector. Ransomware infection is often the final stage of the same kill chain”. – BitDefender.

Although the United States was the country targeted most by ransomware attacks during the month of November, it wasn’t the only country dealing with an avalanche of threat actors. 

Brazilians were impacted by around 17% of the global malware load, whilst India was the third most affected country, with 12% of all attacks directed there. 

According to BitDefender, Iran, France, Germany, Italy, Canada, Romania, and Mexico conclude the top 10. 

Keeping it in The Family

BitDefender also identified the different ransomware families – Groups of ransomware that share common coding and behavioral characteristics – being used to target consumers and businesses. 

WannaCry ransomware account for just over a third (34%) of all ransomware detected by BitDefender. Like other types of ransomware, WannaCry takes data on your device hostage and demands payment to release it – typically in Bitcoin. 

“BitDefender analyzed 10.8 million malware detections from November 1st to November 30th. In total, we identified 222 ransomware families”.

The hack exploits an issue in the Windows operating system and rose to prevalence in 2017 as it spread rapidly through computer networks. 

Stop/DJVU was the second most common ransomware family, a trojan that looks to orchestrate much the same process as WannaCry, encrypting files and demanding money to unlock them. 

GrandCrab also makes the list, accounting for 12% of all ransomware detected by BitDefender, who actually made a decryptor tool that can successfully return files locked by a number of versions of the trojan. 

Other Interesting Findings

Around a fifth of the ransomware detected was attributable to different industries. Telecommunications fared the worst (27%), whilst educational (26%) and government bodies(22%) also suffered many attacks directed specifically at their respective sectors. 

There were also swathes of Android Trojans detected, such as Downloader.DN, which is bundled into Google Play Store apps and will leave aggressive adware on user devices. 

SLocker.BRM was also detected frequently, which BitDefender describes as a ‘Simplistic version of mobile ransomware” that will block access to devices by putting a screen up over every window a user opens. 

Other Android malware directed had even more sinister aims, such as detecting banking apps on a given device and downloading “trojanized versions” from a command and control server. 

How Can I Protect Myself?

Spear Phishing attempts are where ransomware attacks often start – a user has to click on a malicious link in some form of communication, like an email, or actively hand over information by typing it into a malicious site. 

Phishing is a type of social engineering technique that often involves posing as a legitimate company and sending out emails that appear genuine, but in fact, aren’t. If you’re a business then, it’s vitally important you educate your employees on the telltale signs of phishing so they have the best chance of avoiding it. 

However, human error is a defect that permeates all corners of our existence, and although preventative measures can be taken, antivirus software is really the only thing that’s going to help you out if you are targeted by a threat actor and accidentally download some malware. 

Ransomware and other types of malware are becoming more numerous, more sophisticated, and ultimately more dangerous – so taking the appropriate steps to secure your networks is vital. 

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Aaron Drapkin is a Senior Writer at Tech.co. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol three years ago. As a writer, Aaron takes a special interest in VPNs and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, The Week, and Politics.co.uk covering a wide range of topics.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals