April Identified as Most Dangerous Month for Ransomware Attacks


Ransomware attacks have been on the rise in recent years, and according to research by NordLocker, April is the most dangerous period for such attacks. Last year, April saw the highest number of ransomware incidents, with 294 attacks in total. These attacks were primarily targeted at US and German companies, with the manufacturing and finance industries being the most affected.

In 2022, the cybersecurity landscape was turbulent, with cybercriminals carrying out a significant number of large-scale attacks that resulted in major financial losses. In 2022, 2,263 ransomware attacks were recorded, with 896 of these taking place in the US alone.

Nearly 2,000 companies worldwide were affected by these attacks.

UK businesses experienced 128 attacks, while Germany, Canada, and Italy had 96, 90, and 74 attacks, respectively. Nearly 2,000 companies worldwide were affected by these attacks.

Out of all the months in 2022, April was particularly damaging, with 20 ransomware groups attacking 192 companies worldwide. This number is significantly higher than the average of 188 attacks per month. NordLocker’s research showed that companies with 11-50 employees were the most affected by cybersecurity breaches, with 80% of cases coming from the private sector.

In April 2022, the manufacturing industry suffered the most, with 26 cyberattacks in total. The finance and tech sectors were also heavily targeted, with 19 and 18 breaches, respectively. Other industries, including construction, retail, education, and energy, were also affected by ransomware multiple times during the month.

Conti and LockBit were responsible for the majority of the attacks during this period. These two Russian-linked gangs accounted for 33.21% and 23.72% of attacks, respectively. April was the month when Conti and LockBit carried out most of their attacks per month in 2022.

The rise in ransomware attacks is a cause for concern for businesses of all sizes and industries. Companies should prioritize cybersecurity measures to safeguard their systems and data from potential attacks.