Ransomware attacks have been on the rise in recent years, causing a significant threat to individuals and organizations worldwide. Unit 42’s latest report sheds light on the most common ransomware families, industries targeted, and infection vectors used by attackers. In this blog post, we’ll break down their findings and provide practical tips to protect yourself from falling victim to ransomware. So buckle up and get ready for an insightful ride!

Overview of Unit 42’s ransomware report

Unit 42’s ransomware report is a comprehensive analysis of the current state of ransomware threats. The report focuses on data collected from January to June 2021, providing an up-to-date picture of the threat landscape.

The team analyzed over 300 malware families, identifying the most common ransomware variants and their distribution across different geographies. They also revealed that attackers are increasingly using double extortion tactics to increase their chances of getting paid.

Furthermore, Unit 42 identified industries that were most frequently targeted by ransomware attacks such as healthcare, manufacturing, and retail. Interestingly enough, small businesses were also heavily targeted in this period.

The report provides valuable insights into how these attacks occur through various infection vectors such as phishing emails and remote desktop protocols (RDP). Unit 42 found that RDP was one of the most commonly used attack methods due to its ease-of-use for both legitimate users and hackers alike.

Unit 42’s latest ransomware report reflects alarming trends in the cybersecurity space. It highlights just how important it is for individuals and organizations to remain vigilant against these evolving threats.

The most common ransomware families

When it comes to ransomware, hackers have developed many different strains over the years. Unit 42’s latest report highlights some of the most common families seen in recent attacks.

First on the list is Ryuk, a strain that has been around since 2018 and is responsible for several high-profile attacks. It typically gains access through phishing emails or exploiting vulnerable remote desktop protocols.

Next up is Maze, which gained notoriety last year for its ability to steal data before encrypting it. The attackers would then threaten to release sensitive information if their demands were not met.

Another common family is Dharma/Crysis, which has been active since 2016 and continues to evolve with new variants. This ransomware often targets small businesses and gains access through brute force attacks on Remote Desktop Protocol (RDP) credentials.

Other notable families include Sodinokibi/REvil, Conti, NetWalker and Locky. Each of these strains uses different techniques to gain access and encrypt files but all share one goal – extorting money from victims by holding their data hostage.

It’s important for individuals and organizations alike to stay informed about these ransomware families in order to better protect themselves against potential threats. Regularly updating software, implementing strong passwords policies and educating users about phishing scams are just a few ways you can reduce your risk of falling victim to an attack.

The most common industries targeted

According to Unit 42’s latest ransomware threat report, the industries that are most commonly targeted by ransomware attacks include healthcare, education, and government institutions. These industries often hold sensitive information such as personal data and financial records which makes them a prime target for cybercriminals.

Healthcare organizations have been particularly vulnerable due to the critical nature of their services. Ransomware attacks on hospitals and clinics can result in patient harm or even loss of life if medical equipment is compromised.

Similarly, educational institutions are often targeted because they hold valuable student data such as grades and social security numbers. Cybercriminals may use this information for identity theft or sell it on the dark web.

Government institutions also make attractive targets due to their vast stores of sensitive information including classified documents and national security secrets.

It’s important for businesses operating in these sectors to take extra precautions when it comes to cybersecurity. This includes regular employee training on phishing scams and installing robust antivirus software across all devices connected to company networks.

The most common infection vectors

The most common infection vectors for ransomware are constantly evolving, but some remain consistent year after year. One of the most common ways that ransomware infects computers is through phishing emails. These malicious messages are designed to trick recipients into clicking on a link or downloading an attachment that contains the malware.

Another way that ransomware can find its way onto your computer is by exploiting vulnerabilities in software and operating systems. Cybercriminals often scan networks looking for unpatched systems they can exploit with known vulnerabilities.

Remote desktop protocol (RDP) attacks have also become increasingly popular among hackers searching for their next victim to target with ransomware. RDP allows users to remotely connect to another computer over the internet, and if left unprotected, it can provide easy access for cybercriminals seeking unauthorized entry.

Attackers may also use malvertising as a means of spreading ransomware infections. Malvertisements appear legitimate but contain hidden code that downloads malware onto an unsuspecting user’s device when clicked on.

It’s essential always to be vigilant against these threats by regularly updating software and security tools such as antivirus programs and firewalls while being cautious about opening suspicious links from unknown senders or websites.

How to protect yourself from ransomware

Ransomware attacks have become increasingly common in recent years, and the consequences of falling victim to one can be devastating. Here are some practical steps you can take to protect yourself from ransomware.

Firstly, make sure that all your software is up-to-date with the latest security patches. Cybercriminals often exploit vulnerabilities in outdated software to gain access to systems.

Secondly, ensure that you have a robust backup strategy in place for all your important files and data. This will allow you to restore your system without paying the ransom demanded by cybercriminals.

Thirdly, exercise caution when opening email attachments or clicking on links from unknown sources. These could contain malware designed to install ransomware on your system.

Fourthly, use strong passwords and two-factor authentication wherever possible. This will make it harder for hackers to gain access to your systems and encrypt your data.

Consider investing in anti-malware software that can detect and block malicious code before it has a chance to infect your system. By taking these steps, you’ll significantly reduce the risk of falling victim to a ransomware attack.


Ransomware continues to be a major threat for both individuals and organizations. Unit 42’s latest report provides valuable insights into the most common ransomware families, industries targeted, and infection vectors. By understanding these trends, we can take steps to protect ourselves from becoming victims of ransomware attacks.

It is crucial to keep software up-to-date, use strong passwords and multi-factor authentication whenever possible. Regularly backing up important data is also essential in case a ransomware attack does occur.

Furthermore, educating employees on how to spot suspicious emails or links can go a long way in preventing infections. It is always better to err on the side of caution rather than risk falling victim.

In short, while ransomware attacks continue to evolve and become more sophisticated, there are steps we can take as individuals and organizations to minimize our risks. Staying vigilant and informed is key in keeping our data safe from harm.

Categorized in: