Ransomware attacks on are the rise. Data published earlier this month by Proofpoint found that ransomware demands have spiked by 320 percent over the last year. Payments are also on the rise as many victims find themselves in the unenviable and untenable position of being forced to pay simply to regain access to their essential systems.
With more work going remote and more reliance on these systems than ever before, ransomware attacks are likely to continue to grow as a threat, but there is one factor that you may not have considered in terms of risk: geography. According to data published by PC Matic, some states are being hit by ransomware at an unexpectedly high rate.
Researchers at the antivirus software maker looked at hundreds of ransomware attacks that have hit corporations, small businesses, and government agencies over the last four years and determined which states have been hit hardest. They found that California was the worst hit, suffering a total of 44 significant ransomware attacks since 2016. Texas was the next hardest-hit, with 36 attacks within its border. Georgia, which famously saw two major municipalities get hit hard by ransomware — Atlanta in 2018 and Hall County in 2020 — saw the third-highest number of attacks with 24. Florida and New York rounded out the top five, both getting hit with 21 noteworthy attacks.
Many of these states, which are among the United States’ most populous and homes to significant corporate headquarters, make sense as primary targets of attackers. But on a per capita basis, other states have been harder hit. Montana, the second-worst hit by this metric, saw four major ransomware attacks over the last four years, all targeting school systems around the state. That is an outsized number of attacks given the state’s sparse population. Connecticut was the third-most affected on a per capita basis, suffering a total of 13 attacks in the last four years. The state most affected by ransomware on a per capita basis was Alaska, which suffered from four attacks total in the last four years.
There is a reason that attackers target states and municipalities that may seem small and less significant than hitting a multinational corporation or major metropolis: they are less likely to have the necessary technical support to protect themselves and will be more likely to pay if hit. Understaffed IT departments that are already stretched thin dealing with remote work or remote learning may simply choose to pay the price that attackers want to continue operation rather than try to restore from backups or wait out the attack. Big fish may mean a bigger return, but the small fish are easier to reel in.
Ransomware is likely to continue growing as a potential threat for businesses, governments, and even individuals as more people are using their own computers or phones to do work from home. It is something that IT departments and individuals alike will have to keep an eye out for and protect against, even if they are working and living in a place that feels like it is off the radar. Attackers know no borders, they just go where they think they can get money.