Cognyte CTI Research Group
August 08, 2021

Ransomware attack statistics 2021 – Growth & Analysis

In March, we presented Cognyte’s Cyber Threat Intelligence Research Group’s 2020 Annual Cyber Intelligence Report, illustrating trends in ransomware during the year and the evolving state of this criminal industry. Ransomware groups are still busy extorting victims, and Cognyte’s CTI Research Group is still busy answering the questions most asked by SOCs and CSIRT teams. Read on to learn our newest findings for the first half of 2021.

What was the growth of ransomware attacks in 2021?

The number of ransomware attacks nearly doubled in the first half of 2021. According to our research, 1,097 organizations were hit by ransomware attacks in the first half of 2021. In contrast, our 2020 report found 1,112 ransomware attacks for the entire year. These attacks involved data exfiltration and the leakage of victim’s data.

Ransomware statistics 2020
2020 ransomware attack statistics
Ransomware statistics 2021
H1 2021 ransomware attack statistics

Who was behind most ransomware attacks in 2021?

Our analysis of ransomware attacks in the first half of 2021 revealed that the number of ransomware victims grew by almost 100%, while 60% of the attacks were performed by only three ransomware groups – Conti, Avaddon, and Revil.

Ransomware groups responsible for attacks in 2021
Three ransomware groups are responsible for 60% of all attacks in H1 2021

Which countries were targeted by ransomware attacks in the first half of 2021?

Although the number of attacks doubled, the list of the top 10 most targeted countries remained the same. The US is still by far the most targeted country, with 54.9% of total victims.

Ransomware attacks by country
Ransomware attacks by country

The top 5 industries targeted by ransomware attacks in 2021

As for the most targeted industries, the manufacturing segment remained the most targeted industry, accounting for 30% of the total attacks.

Industries most targeted by ransomware
Most targeted industries

The findings of this research are based on Cognyte’s Luminar threat intelligence analytics, used for Deep & Dark Web monitoring and analysis of global security threats.

Want to learn more about ransomware attacks?

Is your cybersecurity team curious about new trends evolving in the ransomware space? Our 2020 Annual Cyber Intelligence Report has detailed insights on the state of the industry during the last year.

You can learn even more on the topic by watching our recent webinar:  The ransomware landscape: trends, attackers & targets,

Cognyte CTI Research Group

Cognyte's Cyber Threat Intelligence (CTI) research team (formerly SenseCy) is comprised of handpicked expert analysts, many of whom are ex-military intelligence, with years of experience in cyber threat intelligence and analysis. Our research team monitors, analyzes and validates threat actors’ malicious activities on platforms such as social networks, mobile applications, Deep Web sites, Dark Web marketplaces, hacker forums, IRC channels, global CVEs and external threat intelligence generated by leading security providers. The Research group regularly produces threat alerts and intelligence reports based on region, industry and organization-specific threats, including in-depth analysis, actionable recommendations, IoCs and more, to proactively identify and mitigate threats before they materialize, to enhance resilience and prevent future attacks.
See more from this author

Enhance your Threat
Intelligence Analytics Today