North America the largest ransomware target, Chainalysis says

North America has been extorted for the most money by ransomware attackers of any region — and the groups targeting it tend to be associated with Russia-based cybercriminal groups, according to a new report.

Users in the region paid $131 million in cryptocurrency to ransomware attackers between July 2020 and June 2021, according to a report from Chainalysis Inc., a crypto-forensics firm. That’s more than double the amount sent from Western Europe, which paid the second-most.

“Ransomware strains that took the most from North American victims during the time period studied include NetWalker, Egregor, Phoenix Cryptolocker, and Doppelpaymer,” Chainalysis said, adding that all of the groups “are associated with Russia-based cybercriminal groups including Evil Corp., which has been previously linked to the Russian government.”

While ransomware attacks have been growing for years, they have drawn particular attention this year as several high-profile incidents have disrupted supply chains. The administration of U.S. President Joe Biden plans to enlist 30 other countries to join forces in the fight against ransomware and other kinds of cybercrime, including the illegal use of cryptocurrency, it said earlier this month.

For instance, an attack on JBS SA, the largest global meat producer, wiped out output from facilities that supplied almost a quarter of American beef supplies. And in May, Colonial Pipeline Co. paid $4.4 million to a Russia-linked ransomware gang. A report released in April by a ransomware task force said the amount paid by victims increased by 311% in 2020, reaching nearly $350 million in cryptocurrency.

“The number of bad actors responsible for these widespread attacks is surprisingly small,” the report said. By taking action against the biggest players in groups such as infrastructure providers and money launderers, it said, “law enforcement can have an outsized impact and disrupt the operations of multiple strains.”