Ransomware attacks rose by 92.7% in 2021 compared to 2020 levels, with 1,389 reported attacks in 2020 and 2,690 in 2021.

The 2021 Annual Threat Monitor from NCC Group analyzed cybersecurity events that occurred during the past year, including enterprise data breaches, ransomware, nation-state cyberattacks and more. The insights are based on incidents identified by NCC Group’s global managed detection and response service (MDR) and its global cyber incident response team (CIRT).

The increase in ransomware noted by the report builds upon a gradual rise in ransomware attacks since the COVID-19 pandemic began, with ransomware accounting for 65.4% of all incidents dealt with by our global cyber incident response team (CIRT) in 2021. The most targeted regions during 2021 were North America and Europe, accounting for 53% and 30% of all attacks respectively.

NCC Group explained that these regions are densely populated with wealthy organizations, which provides an incentive to threat actors. The team has highlighted this as the reason for the concentrated ransomware activity in these areas and have predicted that this trend will likely continue throughout 2022 and beyond.

Trends that NCC Group identified in 2020, such as surges in specific months of the year, were also seen again in 2021. An observable increase in the number of victims was reported until July, which then dropped off before another surge in August, which the NCC Group team have attributed to seasonal and holiday-related fluctuations in cybercrime activity. This would also explain the continued trend of many threat actors once again postponing their activity for the Christmas period in 2021.

The NCC Group team has proposed that the shift in the quantity of ransomware cases will be permanent and that this trend will continue to develop in 2022.

For more 2021 cyberattack analysis, download the report.