Top 5 business sectors targeted by ransomware

You may have heard me mention ransomware before. You know, the malware that locks up your systems and asks you to pay money in order to get them unlocked? You may think, since you’re not a finance company, that your business isn’t going to be targeted by ransomware and you don’t need to worry about it as much, right? First, ransomware notoriously affects systems it didn’t target, by mistake. Second, more sectors than ever are being targeted. Here are five business sectors you may not have realized are being targeted by ransomware.

SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)

1. Healthcare. Two major attacks on healthcare institutions in the US, and one major attack in Germany, have raised a lot of awareness about this. While some groups have pledged not to attack healthcare targets, they remain attractive because the pressure is greater to pay. 
2. The legal sector. Law firms are often still catching up in security practices for data, leaving a higher probability of success for the attacker–there’s money there. Research and Markets estimates legal services will be a one trillion dollar market by 2025.
3. Farming and food production. Riana Pfefferkorn, associate director of Surveillance and Cybersecurity at Stanford, notes that supply chain disruptions caused by COVID revealed weaknesses that hint at vulnerabilities. Farming and food supply may also not be fully up to date on cybersecurity practices.
4. Education. Yazoo County School District in Mississippi recently paid $300,000 to recover files from a ransomware attack. Increased tech use for remote learning during lockdowns definitely increases the surface area for attacks.
5. Manufacturing. According to Darktrace, cyberattacks against manufacturers increased seven times between January and April 2020. Twenty-six percent of companies Darktrace surveyed didn’t have a division overseeing security at factory management systems. 

Obviously public infrastructure, energy, and more are potential targets as well. The point is, any sufficiently valuable sector with any kind of legacy infrastructure is ripe for a ransomware attack, so you need to be prepared.

Subscribe to TechRepublic Top 5 on YouTube for all the latest tech advice for business pros from Tom Merritt.

Also see