These four types of ransomware account for nearly three-quarters of reported incidents

Ransomware causes problems regardless of brand, but some forms are significantly more prolific than others, with four strains of malware accounting for a combined total of almost 70% of all attacks.

According to an analysis by cybersecurity firm Intel 471, the most prevalent ransomware threat towards the end of 2021 was LockBit 2.0, which accounted for 29.7% of all reported incidents. Recent LockBit victims include Accenture and the French Ministry of Justice.

Almost one in five reported incidents involved Conti ransomware, notorious for several incidents over the past year including an attack on the Irish Healthcare Executive. The group recently had chat logs leaked, providing information about how a ransomware gang operates. PYSA and Hive each represent one in 10 reported ransomware attacks.

TO SEE: Cybersecurity: let’s get tactical (ZDNet special report)

“The most prevalent ransomware strain in Q4 2021 was LockBit 2.0, which was responsible for 29.7% of all reported incidents, followed by Conti at 19%, PYSA at 10.5% and Hive at 10.1% said the researchers.

Intel 471 cybersecurity researchers examined 722 ransomware attacks that took place between October and December 2021 and identified the most affected sectors.

Topping the list were consumer and industrial products, which accounted for nearly a quarter of organizations affected by ransomware attacks, up significantly from the previous quarter.

Consumer and industrial products are a tempting target for ransomware criminals because they are services that people rely on in their daily lives. If the provider’s network is encrypted, users cannot access the services they need.

One of the most high-profile instances of this issue occurred in 2020 when wearables, fitness trackers and smartwatch maker Garmin were hit by a ransomware attack, excluding users from the services. It has been reported that Garmin paid a multi-million dollar ransom for a decryption key to help restore the services.

The manufacturing industry was the second most affected sector, accounting for 15.9% of ransomware attacks. Many manufacturing companies work around the clock, often producing life-saving goods that people need every day.

Professional services and consulting was the third most targeted industry for ransomware, accounting for 15.4% of incidents, followed by real estate with 11.4%.

Life sciences and healthcare was the fifth most targeted sector, after an increase in attacks against it. This includes ransomware attacks on hospitals. Hospitals are a tempting target because the nature of healthcare means that if networks are offline, patients cannot be treated, so some hospitals pay ransoms.

SEE: This sneaky type of phishing is growing fast as hackers see big payouts

Ransomware is still a major cybersecurity issue and attacks continue to be successful as many victims choose to pay the ransom, despite being warned not to, as this approach encourages more attacks.

But there are steps businesses can take to avoid falling victim to a ransomware attack. This includes applying security patches as soon as possible after they are released, so hackers can’t exploit known vulnerabilities. Applying multi-factor authentication to the network is also recommended, making it harder for hackers to break into accounts and exploit them to lay the groundwork for ransomware or other malware attacks.

Organizations should also regularly update and test offline backups, so that in the event of a successful ransomware attack, the network can be restored without paying the ransom.