Are Ransomware Gangs Hunting for Your Business?

September 24, 2021

One of the most pressing reasons that businesses have for upgrading their email security these days is the specter of ransomware. The recent series of high-profile infrastructure attacks has given ransomware a starring role in the headlines as the villain of most cybersecurity stories. There’s no doubt that ransomware is one of the nastiest email-related threats that businesses have to face in today’s volatile threat landscape – and no business is too small for ransomware to be a problem. Two in five SMBs were impacted by ransomware in 2020. In fact, big businesses only made up an estimated 50% of all ransomware attacks between August 2020 and July 2021.

In our new eBook, Cracking the RANSOMWARE Code, we explore the evolution of today’s ransomware threats and what’s next, as well as who makes money from ransomware. DOWNLOAD IT NOW FOR FREE! >>

Reducing Ransomware Risk is Tough

Security experts and officials in governments around the world are sounding the alarm and putting resources into play. The UK’s Cybersecurity Chief recently declared ransomware the biggest threat to online security for most people and businesses in the UK. In the US, the federal government has poured resources into the prevention, detection and mitigation of ransomware. A recent joint action by the US Department of Justice (DOJ) and the US Department of Homeland Security (DHS) launched a new One-Stop website designed to help businesses reduce their ransomware risk and report suspected cybercrime to the appropriate authorities at    

Accurately detecting precisely targeted spear phishing email that may carry ransomware can also be a tricky proposition for many email security solutions, especially those that rely on threat reports and safe sender lists to winnow out dangerous messages. Researchers determined that precisely targeted ransomware has grown by an eye-popping 767%, easily dwarfing all other types. This type of phishing has become an increasingly difficult foe to defend against because it is slippery, arriving in many disguises that can simply overwhelm the capability of conventional email security solutions and SEGs.  Email defenses, including Microsoft 365 built-in security and the 5 leading SEGs, miss up to 65% of targeted spear phishing messages, allowing dangerous email to flood into employee inboxes. 

Get on the road to security success with our 5 Steps to Ransomware Readiness infographic! GET IT>>

Ransomware Innovation Never Stops

Just like the tech companies that defend against them, cybercriminals are constantly innovating. Major gangs have developed sophisticated lures that are very hard for conventional security and users to detect. That means that threats that arrive well-couched in innocent language or zero-day threats are likely to slip past security. Plus, nation-state threat actors have seemingly declared ransomware as their weapon of choice and they’ve definitely expanded their target list. Ransomware attacks seem to be cropping up like mushrooms after a rainstorm in industries that have not historically been on the menu for cybercriminals, leaving business owners worried that they might be next. 

Basic Facts About Ransomware Today to Keep In Mind

This frames the picture of why ransomware has become such a nightmare for anyone who handles business cybersecurity. Ransomware danger skyrocketed in the first half of 2021, with an estimated 304.7 million attempted ransomware attacks. There is light at the end of the tunnel, though. Fresh research has brought some of the characteristics that ransomware gangs find most appealing in a target to light, and that can help businesses gain perspective on their need to improve email security in order to defend against this devastating threat. 

Learn how to add to your security team without adding to your headcount. FREE EBOOK>>

What Are the Biggest Risk Factors?


By far, revenue is the biggest risk factor. Cybercriminals obviously want to hit targets that give them the most money or reward for the least effort i.e. targets that can pay substantial ransoms. They’re very clear about it when recruiting help for operations, especially malicious insiders who can give them easy access. To this end, they often attach revenue qualifications to their recruitment posts. A sample ad on a dark web message board recruiting for upcoming operations set the revenue qualifications on companies that they’re interested in pursuing:  

  • More than $5 million for US organizations 
  • More than $20 million for European organizations 
  • More than $40 million USD for companies in other regions 


A company’s location can be a major risk factor for becoming the target of a ransomware attack, but it isn’t a risk-eliminator.  Threat actors are currently favoring large US firms, but Canadian, Australian, and European targets are also on the table. In an analysis of messages on dark web message boards, researchers determined that ransomware operators were recruiting associates and freelancers for attacks all over the world. 

  • The US was the most popular choice, with almost half of the ads sampled naming US targets. 
  • Canada (37%) and Australia (37%) tied for second place 
  • European countries (31%) were a not-too-distant third


The data that their preferred targets hold is also a factor for ransomware practitioners.  Dark web data markets are booming. Even if the target doesn’t pay the ransom, bad actors know that they can make a substantial profit by selling their victim’s data.  In fact, industries may find themselves in cybercriminals’ sights just because of the high desirability of their data. While organizations in every industry are at risk of data theft through ransomware, these three were a little more at risk in 2020 than the rest.   

  • Manufacturing 25% 
  • Professional Services 17%
  • Government Entities 13%  

Geography also plays a part in data theft as a motivation. Organizations located in Asia (33%), North America (30%) and Europe (27%) were the hardest hit by ransomware attacks in 2020 and carry the most risk in 2021.

How safe is your email domain? Find out now with our domain checker. CHECK YOUR DOMAIN>>

Advanced Email Security is Essential to Stop Ransomware

Ransomware isn’t going to decline in popularity anytime soon. It’s just too easy for experienced cybercrime groups and nation-state threat actors to deploy with a high rate of success. Plus, ransomware has a low barrier to entry with a big reward, making it ideal for new cybercrime gangs looking to make a name for themselves and a hefty profit at the same time. Fresh types of ransomware, like double and triple extortion varieties, are constantly cropping up to challenge business security. And no time of year is “safe” – holiday weekends are a particularly popular time for attacks, as the Cybersecurity & Infrastructure Support Agency (CISA) recently noted in an alert

Your business needs powerful email security that can provide you with advanced protection against malicious messages that contain threats like ransomware without a high price tag. Graphus answers that call.  

  • Sophisticated smail security automation puts 3 layers of protection between your business and phishing messages 
  • Automated email solutions like Graphus catch 40% more malicious messages than conventional solutions or a SEG 
  • Smart AI never needs threat reports, instead using over 50 points of comparison to sniff out targeted spear phishing, ransomware, zero-day attacks and other complex threats. 

Don’t wait until you’re paying the bills for a ransomware attack to improve your email security – 60% of companies that are hit by a cyberattack go out of business. Stop phishing immediately with Graphus – the most simple, automated and affordable phishing defense available today. Contact one of our solutions specialists today and put protection that never takes a day off to work for your business. 

Stay safe from even the most sophisticated cyberattacks and social engineering scams

Put the powerful TrustGraph® AI of Graphus to work for your business, and in minutes you’ll get a powerful, easy-to-use, and customizable EmployeeShield® against phishing attacks.
Get a Demo of Graphus