{"id":19345,"date":"2022-12-01T02:25:42","date_gmt":"2022-12-01T02:25:42","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=19345"},"modified":"2023-03-20T20:50:59","modified_gmt":"2023-03-20T20:50:59","slug":"what-ransomware-attackers-look-for","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/","title":{"rendered":"Main Targets of Ransomware Attacks &#038; What They Look For"},"content":{"rendered":"<p>Ransomware has become a potent tool for cybercriminals looking to exploit companies&#8217; sensitive data for profit. Ransomware attacks have affected businesses across all sizes, locations, and industries, from banking and financial services to utilities to education.<\/p>\n<p>When trying to keep your business safe from potential attacks, just as important as any kind of ransomware protection solution is to understand some of the factors and signs a ransomware hacker looks for when picking their next target. These factors can include data value, geographic locations, or a company\u2019s use of remote workers.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68_1 ez-toc-wrap-left counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-66d6f8d1f21b3\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"ez-toc-cssicon\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-66d6f8d1f21b3\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#What-Industries-Are-the-Most-Likely-Ransomware-Targets\" title=\"What Industries Are the Most Likely Ransomware Targets?\">What Industries Are the Most Likely Ransomware Targets?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Banking-and-Financial-Services\" title=\"Banking and Financial Services\">Banking and Financial Services<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Education\" title=\"Education\">Education<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Energy-and-Utilities\" title=\"Energy and Utilities\">Energy and Utilities<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Government\" title=\"Government\">Government<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Manufacturing\" title=\"Manufacturing\">Manufacturing<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Key-Signs-and-Vulnerabilities-Ransomware-Attackers-Look-For\" title=\"Key Signs and Vulnerabilities Ransomware Attackers Look For\">Key Signs and Vulnerabilities Ransomware Attackers Look For<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Valuable-Data\" title=\"Valuable Data\">Valuable Data<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Lack-of-Security-Infrastructure\" title=\"Lack of Security Infrastructure\">Lack of Security Infrastructure<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Money-for-a-Ransom\" title=\"Money for a Ransom\">Money for a Ransom<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Potential-for-Damage\" title=\"Potential for Damage\">Potential for Damage<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Remote-Workers\" title=\"Remote Workers\">Remote Workers<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Geographic-Locations\" title=\"Geographic Locations\">Geographic Locations<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#How-to-Prevent-Ransomware\" title=\"How to Prevent Ransomware\">How to Prevent Ransomware<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#Bottom-Line\" title=\"Bottom Line\">Bottom Line<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"What-Industries-Are-the-Most-Likely-Ransomware-Targets\"><\/span>What Industries Are the Most Likely Ransomware Targets?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>A unifying factor of most of the industries popular with ransomware attackers is their access to incredible amounts of sensitive data that an organization might want or even need to keep private, thus making them more likely to pay the ransom. Here are the most targeted industries.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Banking-and-Financial-Services\"><\/span>Banking and Financial Services<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The reasons for targeting banking and financial services companies are fairly clear. On top of having access to the capital needed to pay large ransom amounts, they often have access to extremely sensitive client information \u2014 and assets.<\/p>\n<p>The world of banking and financial services is especially vulnerable to cyber attacks, and companies in this industry were the <a href=\"https:\/\/www.trellix.com\/en-us\/advanced-research-center\/threat-reports\/jan-2022.html\" target=\"_blank\" rel=\"noopener\">most likely to be targeted by ransomware attackers<\/a> according to cybersecurity firm Trellix\u2019s report for 2021.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Education\"><\/span>Education<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Education shares similar vulnerabilities to local government institutions, often lacking the resources necessary to install anti-ransomware strategies. Their access to private information from faculty and students alike also makes them appealing targets.<\/p>\n<p>In recent years, education has become a popular target for ransomware attackers. 2022 research conducted by antimalware vendor Emsisoft revealed that <a href=\"https:\/\/blog.emsisoft.com\/en\/40813\/the-state-of-ransomware-in-the-us-report-and-statistics-2021\/\" target=\"_blank\" rel=\"noopener\">88 ransomware incidents were reported by institutions in the US in 2021<\/a>. This led to the disruption of day-to-day operations for over 1,000 schools across the nation. In half of these incidents, personal data from both teachers and students was leaked online.<\/p>\n<p>The total financial impact of these attacks can\u2019t be known with any certainty, but, like any other industry hit by ransomware, the costs are likely severe. A Sophos report on the state of ransomware in education found that lower education institutions spent <a href=\"https:\/\/news.sophos.com\/en-us\/2022\/07\/12\/the-state-of-ransomware-in-education-2022\/\" target=\"_blank\" rel=\"noopener\">$1.58 million on ransomware in 2021<\/a>. Higher education institutions spent $1.42 million.<\/p>\n<p><strong>Want to Find Out More About How to Backup Your Data in the Event of a Ransomware Attack? Take a Look at <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-backup-solutions-for-ransomware-protection\/\" target=\"_blank\" rel=\"noopener\">Best Backup Solutions for Ransomware Protection<\/a><\/strong><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Energy-and-Utilities\"><\/span>Energy and Utilities<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Utilities are a popular target both for attackers looking to cause damage to infrastructure and for cybercriminals looking to get paid. In a 2022 report, cybersecurity firm CyberSaint reported that <a href=\"https:\/\/www.cybersaint.io\/resources\/state-of-ransomware\" target=\"_blank\" rel=\"noopener\">43% of energy, oil, and utilities companies<\/a> hit by ransomware ended up paying the ransom.<\/p>\n<p>Because they provide such critical infrastructure, energy, and utility firms are more pressured than other ransomware targets to resolve the matter as quickly as possible, which sometimes means paying the ransom, <a href=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/\" target=\"_blank\" rel=\"noopener\">Colonial Pipeline<\/a> being the most notable example in recent memory.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Government\"><\/span>Government<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Much like utilities, government organizations are a popular target for attackers looking to cause damage to the day-to-day infrastructure needed to keep society running. Government entities also often have some of the most sensitive data ransomware users can get their hands on.<\/p>\n<p>Additionally, government organizations on the local level, such as city or county administrations, often lack the time and resources necessary to implement robust cybersecurity measures and tend to use outdated technology. In some cases, this can lead to them being especially easy targets for ransomware and result in the theft of incredibly personal data, such as land deeds and social security numbers, with less effort on the attackers\u2019 part.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Manufacturing\"><\/span>Manufacturing<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Of popular ransomware targets, manufacturing companies are also the <a href=\"https:\/\/www.paloaltonetworks.com\/unit42\/2022-incident-response-report\" target=\"_blank\" rel=\"noopener\">most likely to have their stolen data leaked online<\/a>, with cyber criminals posting the data of 45 manufacturing companies in 2020 alone, according to Palo Alto Networks\u2019 Unit 42. IBM <a href=\"https:\/\/www.ibm.com\/downloads\/cas\/ADLMYLAZ\" target=\"_blank\" rel=\"noopener\">reported<\/a> that it resolved more cyber attacks for the manufacturing industry in 2021 than any other.<\/p>\n<p>There is some good news for industrial companies, however. A 2021 survey of the industry by Sophos found that <a href=\"https:\/\/www.sophos.com\/en-us\/solutions\/industries\/manufacturing\" target=\"_blank\" rel=\"noopener\">36% of respondents were hit by ransomware attacks<\/a>, and nearly half of those had their data encrypted. However, that same survey also found that only 19% of companies affected paid the ransom. This can potentially be chalked up to the fact that companies in the manufacturing industry are more prepared than other industries to restore data from backups, as <a href=\"https:\/\/www.esecurityplanet.com\/networks\/decrypt-ransomware-encrypted-files\/\" target=\"_blank\" rel=\"noopener\">decrypting stolen files rarely works<\/a>.<\/p>\n<p><strong>Need to Know More About Ransomware Attackers and How They Operate? Read <a href=\"https:\/\/www.esecurityplanet.com\/threats\/the-link-between-ransomware-and-cryptocurrency\/\" target=\"_blank\" rel=\"noopener\">The Link Between Ransomware and Cryptocurrency<\/a><\/strong><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Key-Signs-and-Vulnerabilities-Ransomware-Attackers-Look-For\"><\/span>Key Signs and Vulnerabilities Ransomware Attackers Look For<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Like any planned assault, ransomware attackers have certain vulnerabilities and factors they watch for when evaluating targets. Companies with the funds and resources to pay large sums, companies with access to sensitive data, and companies without the security infrastructure to resist a ransomware attack are favorite prey for a hacker. Understanding the key signs and vulnerabilities ransomware attackers look for is a vital part of protecting yourself against future attacks.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Valuable-Data\"><\/span>Valuable Data<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The most important factor to ransomware attackers is the value of an organization\u2019s data. If threat actors can steal or encrypt highly sensitive information, their victims may be more willing to pay a higher ransom. Even if they don\u2019t receive a ransom, more sensitive data will fetch a higher price from Dark Web buyers.<\/p>\n<p>You can see this preference in the types of organizations ransomware attacks have targeted recently. Professional services, financial services, and manufacturing were the most popular targets for ransomware in 2021, with energy, retail, and healthcare not far behind, according to IBM. These industries all deal with sensitive data, like financial information or personal identifiers, making them ideal targets.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Lack-of-Security-Infrastructure\"><\/span>Lack of Security Infrastructure<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Unsurprisingly, ransomware attackers also prefer targets that lack sufficient cybersecurity measures. Small and medium-sized businesses account for half or more of ransomware attacks. These companies are less likely to have as extensive security as larger corporations, making them easier targets. There are also more businesses of that size than large corporations.<\/p>\n<p>This trend may grow as <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-as-a-service-raas-ttp-protections\/\" target=\"_blank\" rel=\"noopener\">ransomware-as-a-service (RaaS)<\/a> expands its popularity. A growing number of ransomware groups have started franchising their tools, letting virtually anyone perform ransomware attacks for a fee. Growing RaaS use means more novice cybercriminals could engage in these attacks, and these newer attackers will likely prefer easier targets.<\/p>\n<p>Companies in industries that are new to cybersecurity, like manufacturing or logistics, may fall victim to this trend. Ransomware attackers may prefer these organizations, as they\u2019re less likely to have sufficient infrastructure to stop them.<\/p>\n<p>A 2021 <a href=\"https:\/\/twitter.com\/uuallan\/status\/1438899102448820224\" target=\"_blank\" rel=\"noopener\">Twitter thread<\/a> looked at the most common vulnerabilities exploited by ransomware groups \u2013 and found that vulnerabilities in 18 products were the most targeted (image below). As many of these are <a href=\"https:\/\/www.esecurityplanet.com\/threats\/fbi-cisa-most-exploited-vulnerabilities\/\" target=\"_blank\" rel=\"noopener\">well-known vulnerabilities<\/a>, the issue of patching remains a major concern.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Money-for-a-Ransom\"><\/span>Money for a Ransom<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<figure id=\"attachment_19347\" aria-describedby=\"caption-attachment-19347\" style=\"width: 623px\" class=\"wp-caption alignright\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-19347 size-full\" src=\"https:\/\/www.esecurityplanet.com\/wp-content\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg\" alt=\"ransomware vulnerabilities\" width=\"623\" height=\"467\" srcset=\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg 623w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities-300x225.jpg 300w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities-150x112.jpg 150w\" sizes=\"(max-width: 623px) 100vw, 623px\" \/><figcaption id=\"caption-attachment-19347\" class=\"wp-caption-text\">Top Ransomware Vulnerabilities<\/figcaption><\/figure>\n<p>Cybercriminals also typically look for targets that can pay a larger ransom. That\u2019s why the entertainment industry, which frequently deals in multi-million-dollar projects, experienced the second-highest number of cyberattacks in 2019, according to Verizon\u2019s 2019 Data Breach and Investigation Report. A successful ransomware attack on wealthier companies may result in a more substantial payday for the attackers, drawing their attention.<\/p>\n<p>At first, this figure may seem to counter the trend of attackers targeting small and medium businesses. However, even a medium-sized business can offer a significant amount of money to an individual or small group. It\u2019s also important to note that while SMBs are the most common targets, that doesn\u2019t necessarily mean new businesses are.<\/p>\n<p>If your business brings in at least a few million dollars in annual revenue, you could be a target. Generally speaking, the more profitable your business is, the more enticing a target you are.<\/p>\n<p><strong>Need Some Good News About Ransomware? Learn About <a href=\"https:\/\/www.esecurityplanet.com\/threats\/how-one-company-survived-ransomware\/\" target=\"_blank\" rel=\"noopener\">How One Company Survived a Ransomware Attack Without Paying the Ransom<\/a><\/strong><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Potential-for-Damage\"><\/span>Potential for Damage<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Financial motivations are not the only driving force behind ransomware attacks. Some cybercriminals seek to cause as much destruction as possible, especially in state-sponsored cyberattacks. Whether it\u2019s to make a statement or for a feeling of power, some ransomware attackers look for targets with the highest potential for damage.<\/p>\n<p>Software supply chain companies are some of the most at-risk organizations. Take the <a href=\"https:\/\/www.esecurityplanet.com\/threats\/guarding-against-solorigate-ttps-solarwinds-hack\/\" target=\"_blank\" rel=\"noopener\">SolarWinds attack<\/a>, for example, which affected scores of customers by targeting a single system, or the <a href=\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/\" target=\"_blank\" rel=\"noopener\">Kaseya attack<\/a>, which put thousands of the company\u2019s clients at risk. If you have information belonging to multiple clients or connect to many other businesses\u2019 software, you may be an ideal target.<\/p>\n<p>Software-as-a-service (SaaS) vendors are thus in some ways ideal targets. If you offer IT services to multiple other companies, a ransomware attack on your business could cause widespread damage. That potential could attract attackers.<\/p>\n<p>And critical infrastructure will remain an enticing attack for those seeking to do damage. Colonial Pipeline showed just how effective such attacks can be.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Remote-Workers\"><\/span>Remote Workers<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Amid the COVID-19 pandemic, many businesses embraced remote work. Data shows that these same companies may be at increased risk of a ransomware attack. The software you use to collaborate with remote employees may have vulnerabilities that ransomware attackers seek to take advantage of. And remote employees tend to be less protected by ransomware essentials such as immutable data backups.<\/p>\n<p>Remote desktop protocol (RDP), which remote workers may use more heavily than others, is a favorite of ransomware groups. Cybercriminals leveraged RDP vulnerabilities in 47% of all ransomware attacks in one study, more than any other category.<\/p>\n<p>Virtual private networks (VPNs) are another common target. While these tools can protect you by encrypting your internet traffic, unpatched vulnerabilities or outdated versions can turn them into entry points for cybercriminals. If your business uses these or similar remote collaboration tools, you could be at risk.<\/p>\n<p>Zero trust is one way to secure home-based and remote workers. And enterprise firewall vendors Fortinet and Palo Alto Networks unveiled <a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/securing-home-employees-with-enterprise-class-solutions\/\" target=\"_blank\" rel=\"noopener\">secure routers<\/a> aimed at home and small office workers in 2021.<\/p>\n<p><strong>Ransomware Isn\u2019t the Only Type of Malware You Need to Watch Out For. Read <a href=\"https:\/\/www.esecurityplanet.com\/threats\/malware\/\" target=\"_blank\" rel=\"noopener\">What is Malware? Definition, Purpose &amp; Common Protections<\/a><\/strong><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Geographic-Locations\"><\/span>Geographic Locations<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Interestingly, recent research shows that ransomware attacks are often concentrated in specific geographic areas. In active Dark Web ransomware threads in July 2021, KELA researchers found that more than 40% of threat actors mentioned the U.S. as their desired location of victims. Canada and Australia followed, both around 37%.<\/p>\n<p>This geographic concentration is likely due to the concentration of wealthier or more prominent companies. Political motivations could also play a role. Specific locations like states or cities may follow similar lines, with the largest and wealthiest areas seeing more attacks.<\/p>\n<p>If your company is based in these areas, you may be at higher risk of ransomware than others. This factor is likely less influential than data value and security infrastructure, but it\u2019s worth noting regardless.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"How-to-Prevent-Ransomware\"><\/span>How to Prevent Ransomware<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Cybercriminals don\u2019t act randomly. Ransomware attacks follow specific motivations, and when you understand these drivers, you can know what level of risk you face.<\/p>\n<p>Regardless of how at-risk you are, protecting against ransomware is critical. However, if you fall into any of these categories, you may want to consider more extensive anti-ransomware measures.<\/p>\n<ul>\n<li><strong>Data Backups:<\/strong> One of the best protections against ransomware is maintaining immutable <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-backup-solutions-for-ransomware-protection\/\" target=\"_blank\" rel=\"noopener\">backups of your data<\/a> whenever possible. Decryption isn\u2019t as consistent as it needs to be, but if you have any way to <a href=\"https:\/\/www.esecurityplanet.com\/threats\/how-to-recover-from-a-ransomware-attack\/\" target=\"_blank\" rel=\"noopener\">recover<\/a> and restore your stolen data, you\u2019ve removed a lot of the power ransomware attackers can have over you. However, this isn\u2019t foolproof, as attackers might know of those backups and seek to damage them as well. Also, depending on how long it takes to deploy those backups, it might not be a feasible solution to the havoc ransomware can wreak on an organization\u2019s day-to-day operations.<\/li>\n<li><strong>Stop Suspicious Network Traffic:<\/strong> Security solutions like <a href=\"https:\/\/www.esecurityplanet.com\/products\/intrusion-detection-and-prevention-systems\/\" target=\"_blank\" rel=\"noopener\">Intrusion Detection and Prevention (IDPS)<\/a> or <a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\" target=\"_blank\" rel=\"noopener\">next-generation firewalls (NGFW)<\/a> can help block potentially-<a href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/\">malicious traffic from your network<\/a>. <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-secure-email-gateways\/\" target=\"_blank\" rel=\"noopener\">Email gateways<\/a> also have the chance of removing one of the most common vectors of ransomware infection: <a href=\"https:\/\/www.esecurityplanet.com\/threats\/phishing-attacks\/\" target=\"_blank\" rel=\"noopener\">phishing<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/threats\/email-spoofing\/\" target=\"_blank\" rel=\"noopener\">spoofing<\/a>, and the like. <a href=\"https:\/\/www.esecurityplanet.com\/products\/edr-solutions\/\" target=\"_blank\" rel=\"noopener\">EDR<\/a> and <a href=\"https:\/\/www.esecurityplanet.com\/products\/siem-tools\/\" target=\"_blank\" rel=\"noopener\">SIEM<\/a> systems are also core security defenses.<\/li>\n<li><strong>Think Creatively:<\/strong> <a href=\"https:\/\/www.esecurityplanet.com\/networks\/deception-technology\/\" target=\"_blank\" rel=\"noopener\">Deception technology<\/a> could give you an early warning of ransomware or another cyberattack. <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-encryption-software\/\" target=\"_blank\" rel=\"noopener\">Encrypting data<\/a> \u2014 even in use \u2014 can take away the threat of having sensitive data leaked to the public.<\/li>\n<li><strong>Stay Alert:<\/strong> Ultimately, however, these tools are only as effective as the individuals using them. As such, personal vigilance remains a key factor in preventing any malware attack. Whether it\u2019s not opening suspicious email attachments or keeping your passwords secure, your good cybersecurity hygiene will be an effective deterrent against ransomware. This is why one of the simplest defenses against ransomware is to administer solid <a href=\"https:\/\/www.esecurityplanet.com\/products\/cybersecurity-training\/\" target=\"_blank\" rel=\"noopener\">employee awareness training<\/a>.<\/li>\n<\/ul>\n<p>Need help protecting your organization from ransomware? Rapid7 offers managed detection and response (MDR) and extended detection and response (XDR) to help keep your endpoints free from ransomware.<strong> <a href=\"https:\/\/www.rapid7.com\/services\/managed-services\/managed-detection-and-response-services\/pricing\/elite-request\/?utm_medium=3email&amp;utm_source=tec&amp;utm_content=mdrcontactus&amp;utm_campaign=nagrth-bau_any-3email-cmmrcl-mdr-na&amp;utm_meta=a1286\" target=\"_blank\" rel=\"nofollow sponsored noopener\">Chat with an MDR expert<\/a> today.<\/strong><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Bottom-Line\"><\/span>Bottom Line<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Ransomware is one of the most potent threats facing businesses today. Fortunately, knowing what ransomware hackers look for when picking their targets can help companies better prepare for an attack.<\/p>\n<p>Factors such as geographic location, access to sensitive data, or lacking security infrastructure can all increase the likelihood of ransomware attacks, as well as an organization\u2019s presence in certain industries like banking, healthcare, or manufacturing.<\/p>\n<p>While there are ways to defend yourself against ransomware, none of them are foolproof, and even solid defenses are under constant threat of circumvention by enterprising hackers. Still, keeping in mind what ransomware attackers might be looking for in their targets can help you stay one step ahead of ransomware and keep your and your customers\u2019 data safe.<\/p>\n<p><strong>Looking to Learn More About How to Defend Yourself from Ransomware? Check Out <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-protection\/\" target=\"_blank\" rel=\"noopener\">Ransomware Prevention: How to Protect Against Ransomware<\/a><\/strong><\/p>\n<p><em><strong>NOTE:<\/strong> This article was originally written by Devin Partida on September 22, 2021. It was updated by Zephin Livingston on December 1, 2022.<\/em><\/p>\n\n\n<div id=\"ta-campaign-widget-66d6f8d1f0113-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6f8d1f0113\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6f8d1f0113\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6f8d1f0113\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6f8d1f0113\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6f8d1f0113\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6f8d1f0113\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Ransomware has become a potent tool for cybercriminals looking to exploit companies&#8217; sensitive data for profit. Ransomware attacks have affected businesses across all sizes, locations, and industries, from banking and financial services to utilities to education. When trying to keep your business safe from potential attacks, just as important as any kind of ransomware protection [&hellip;]<\/p>\n","protected":false},"author":305,"featured_media":19347,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[15],"tags":[1146,2478,31445],"b2b_audience":[33],"b2b_industry":[],"b2b_product":[31788,403,31790],"class_list":["post-19345","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threats","tag-malware","tag-ransomware","tag-ransomware-prevention","b2b_audience-awareness-and-consideration","b2b_product-advanced-persistent-threats","b2b_product-cyber-terrorists-and-cyber-crime","b2b_product-ransomware"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Main Targets of Ransomware Attacks &amp; What They Look For | eSecurity Planet<\/title>\n<meta name=\"description\" content=\"There are several industries that are the most targeted by ransomware attackers. Discover the top industries and signals attackers look for in their victims.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Main Targets of Ransomware Attacks &amp; What They Look For | eSecurity Planet\" \/>\n<meta property=\"og:description\" content=\"There are several industries that are the most targeted by ransomware attackers. Discover the top industries and signals attackers look for in their victims.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-01T02:25:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-20T20:50:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"623\" \/>\n\t<meta property=\"og:image:height\" content=\"467\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Zephin Livingston\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Zephin Livingston\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/\"},\"author\":{\"name\":\"Zephin Livingston\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/c520ead1fedb2794b5fccfeb93b4c97f\"},\"headline\":\"Main Targets of Ransomware Attacks &#038; What They Look For\",\"datePublished\":\"2022-12-01T02:25:42+00:00\",\"dateModified\":\"2023-03-20T20:50:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/\"},\"wordCount\":2328,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg\",\"keywords\":[\"malware\",\"ransomware\",\"ransomware prevention\"],\"articleSection\":[\"Threats\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/\",\"name\":\"Main Targets of Ransomware Attacks & What They Look For | eSecurity Planet\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg\",\"datePublished\":\"2022-12-01T02:25:42+00:00\",\"dateModified\":\"2023-03-20T20:50:59+00:00\",\"description\":\"There are several industries that are the most targeted by ransomware attackers. Discover the top industries and signals attackers look for in their victims.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg\",\"width\":623,\"height\":467,\"caption\":\"ransomware vulnerabilities\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Main Targets of Ransomware Attacks &#038; What They Look For\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/c520ead1fedb2794b5fccfeb93b4c97f\",\"name\":\"Zephin Livingston\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/09\/EDITED-28465_HH-73858175_Zephin_Livingston_20220826_1407190_editor_faharia-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/09\/EDITED-28465_HH-73858175_Zephin_Livingston_20220826_1407190_editor_faharia-150x150.jpg\",\"caption\":\"Zephin Livingston\"},\"description\":\"Zephin Livingston is a content writer for eSecurityPlanet with years of experience in multiple fields including cybersecurity, tech, cultural criticism, and media literacy. They're currently based out of Seattle.\",\"url\":\"https:\/\/www.esecurityplanet.com\/author\/zephin-livingston\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Main Targets of Ransomware Attacks & What They Look For | eSecurity Planet","description":"There are several industries that are the most targeted by ransomware attackers. Discover the top industries and signals attackers look for in their victims.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/","og_locale":"en_US","og_type":"article","og_title":"Main Targets of Ransomware Attacks & What They Look For | eSecurity Planet","og_description":"There are several industries that are the most targeted by ransomware attackers. Discover the top industries and signals attackers look for in their victims.","og_url":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/","og_site_name":"eSecurity Planet","article_published_time":"2022-12-01T02:25:42+00:00","article_modified_time":"2023-03-20T20:50:59+00:00","og_image":[{"width":623,"height":467,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg","type":"image\/jpeg"}],"author":"Zephin Livingston","twitter_card":"summary_large_image","twitter_creator":"@eSecurityPlanet","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Zephin Livingston","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/"},"author":{"name":"Zephin Livingston","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/c520ead1fedb2794b5fccfeb93b4c97f"},"headline":"Main Targets of Ransomware Attacks &#038; What They Look For","datePublished":"2022-12-01T02:25:42+00:00","dateModified":"2023-03-20T20:50:59+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/"},"wordCount":2328,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg","keywords":["malware","ransomware","ransomware prevention"],"articleSection":["Threats"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/","url":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/","name":"Main Targets of Ransomware Attacks & What They Look For | eSecurity Planet","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg","datePublished":"2022-12-01T02:25:42+00:00","dateModified":"2023-03-20T20:50:59+00:00","description":"There are several industries that are the most targeted by ransomware attackers. Discover the top industries and signals attackers look for in their victims.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/09\/ransomware-vulnerabilities.jpg","width":623,"height":467,"caption":"ransomware vulnerabilities"},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/threats\/what-ransomware-attackers-look-for\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"Main Targets of Ransomware Attacks &#038; What They Look For"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/c520ead1fedb2794b5fccfeb93b4c97f","name":"Zephin Livingston","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/09\/EDITED-28465_HH-73858175_Zephin_Livingston_20220826_1407190_editor_faharia-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/09\/EDITED-28465_HH-73858175_Zephin_Livingston_20220826_1407190_editor_faharia-150x150.jpg","caption":"Zephin Livingston"},"description":"Zephin Livingston is a content writer for eSecurityPlanet with years of experience in multiple fields including cybersecurity, tech, cultural criticism, and media literacy. They're currently based out of Seattle.","url":"https:\/\/www.esecurityplanet.com\/author\/zephin-livingston\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/19345"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/305"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=19345"}],"version-history":[{"count":0,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/19345\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/19347"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=19345"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=19345"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=19345"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=19345"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=19345"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=19345"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}