The month of April has been identified as the most dangerous period in terms of ransomware attacks, according to research by end-to-end file encryption provider NordLocker. Last year, the month of April saw 294 ransomware incidents, the most attacks per month in all of 2022. Most of these attacks were carried out against U.S. and German companies, mainly targeting the manufacturing and finance industries, according to NordLocker research.
As a whole, 2022 was a turbulent year for cybersecurity, with ransomware attacks at the forefront. Cybercriminals conducted a number of large-scale attacks that caused major financial losses. According to NordLocker research, 2,263 ransomware attacks were carried out in 2022, 896 in the U.S. alone; 128 attacks targeted businesses in the U.K., 96 in Germany, 90 in Canada, and 74 in Italy. Nearly 2,000 companies were affected worldwide.
April 2022 Record-Breaking Ransomware Incidents
Despite the ups and downs of cyber threats over the year, one month was especially harmful — 20 ransomware groups vigorously attacked 192 companies worldwide. Compared to the annual average (188 attacks per month), April was record-breaking with 294 ransomware incidents, says NordLocker. Through April of 2022, companies with 11-50 employees were the most affected by cybersecurity breaches, with 80% of cases coming from the private sector, according to NordLocker.
The manufacturing industry was hit the hardest with 26 cyberattacks in April alone. The finance and tech sectors were also heavily targeted, with 19 and 18 breaches respectively. Additionally, the construction, retail, education and energy sectors were affected by ransomware numerous times during the month.
Twenty ransomware groups were responsible for these attacks, and LockBit and Conti are the most active, responsible for 33.21% and 23.72% of attacks. In fact, these two Russian-linked gangs are specifically responsible for this peak — April was the month when Conti and LockBit carried most of their attacks per month in 2022.
Businesses can safeguard themselves
Companies that were slow to update their security measures suffered the most damage. At the same time, those who kept up with new developments in the industry were often able to avoid such attacks altogether. Cybersecurity experts predicted a further rise in ransomware in the coming years, though many businesses remain unprepared to face such threats.
With April being such a precarious month for ransomware attacks, it’s more important than ever for businesses to take steps to protect themselves from this growing threat.
“We are continuously encouraging companies to take actions and reduce their chances of becoming victims of cybercrime. In a ransomware attack, companies can find themselves in a challenging situation when faced with a ransomware demand — often having no choice but to pay up or lose access to their data forever,” says Darius Borisas, head of business development for NordLocker.
Taking into account that in February, one of the most notorious ransomware groups managed to hit the all time record of their attacks, April is expected to be a high-risk month.
Best Practices to Protect Businesses from Ransomware Attacks
Borisas explains that ransomware continues to be one of the biggest threats facing businesses today. Organizations must stay ahead of attackers by implementing effective security measures throughout the year — not just in April.
Borisas outlines four foundational cybersecurity best practices for businesses to employ:
- Back up and encrypt your files. File backup is a fundamental cybersecurity practice and worth the additional investment because, in the unfortunate case of an attack, you will always have a copy of your files, and the sudden loss won’t interfere with your business operations. However, the most important and confidential files should be encrypted so that no one can access them. Use an encrypted cloud for confidential data storage to avoid accidents and protect your files from prying eyes.
- Adopt zero-trust network access. Every access request to digital resources by a staff member should be granted only after their identity has been appropriately verified.
- Train your employees. Proper knowledge about the most common types of threats is one of the main cornerstones of organizational cybersecurity. Training your employees on how to identify and deal with threats can have a profound impact on your company’s cybersecurity.
- Keep your software up to date. Software updates make the experience better, safer and more efficient and fix security loopholes that protect your data before hackers learn how to exploit those vulnerabilities.