Ransomware now strikes one in 40 organisations per week, Check Point finds

"Ransomware" text within binary code

Ransomware attacks now impact one in 40 organisations every week, the latest data from Check Point Research (CPR) has found.

Incidents have risen 59% year-on-year from one in 64 organisations being affected in Q2 2021, due to a combination of higher geopolitical tensions, an increase in remote working, as well as a willingness of organisations to pay the cost of the ransom, CPR said.

RELATED RESOURCE

Unified endpoint management solutions 2021-22

Analysing the UEM landscape

FREE DOWNLOAD

Across the wider landscape, the second quarter of 2022 saw cyber-attacks hit an all-time high, increasing by 32% when compared to Q2 2021.

“Ransomware attacks are showing no signs of slowing down,” commented Omer Dembinsky, Data Group Manager at Check Point Software.

“Hackers are leveraging the increase in attack surface from remote work and learning, and the war between Ukraine and Russia also helps drive the proliferating trend, as geopolitical tensions rising inspires hackers to take sides.”

Distributors targeted

In terms of industry, the data paints a concerning picture for VARs, systems integrators, and distributors. During Q2, the sector saw a 143% increase in ransomware attacks when compared with the same period of last year – equating to one in 47 organisations affected per week.

That hike was only topped by the Retail and Wholesale sector’s jump of 182%, while Government and Military saw the third highest increase at 135%.

The Education and Research sector was found to be the most attacked industry worldwide, taking an average of 2,300 attacks per organisation every week (up 53%). Government and Military came in second, with 1,620 attacks (+44%), followed by ISPs and MSPs which racked up 1,397 (+29%).

Elsewhere, the healthcare sector saw a huge 60% hike to 1,342 attacks per organisation every week, CPR found.

“The willingness of organisations to meet ransomware demands to protect patients has proved the business of ransomware to be highly lucrative. Hence, we see that hackers are continuing to invest resources in going after healthcare organisations,” Dembinsky continued.

By region, Africa was the most attacked during Q2, peaking at 1,758 weekly attacks per organisations (up 3%), followed by Asia’s 1,684 (+25%), and Latin America’s 1,602 (+29%).

Prevention

Check Point reiterated that ransomware attacks are often the result of poor employee training and bad habits. The firm underlined preventative measures such as regularly backing up data, having a proactive strategy, employing content scanning and filtering, as well as keeping systems up to date.

“We strongly recommend organisations everywhere to take note of our ransomware prevention tips, such as backing up data, keeping systems up to date, and training employees on awareness,” Dembinsky added.

Daniel Todd

Dan is a freelance writer and regular contributor to ChannelPro, covering the latest news stories across the IT, technology, and channel landscapes. Topics regularly cover cloud technologies, cyber security, software and operating system guides, and the latest mergers and acquisitions.

A journalism graduate from Leeds Beckett University, he combines a passion for the written word with a keen interest in the latest technology and its influence in an increasingly connected world.

He started writing for ChannelPro back in 2016, focusing on a mixture of news and technology guides, before becoming a regular contributor to ITPro. Elsewhere, he has previously written news and features across a range of other topics, including sport, music, and general news.

Read more
Ransomware concept image showing digitized padlock pictured on a laptop screen on red background
February was the worst month on record for ransomware attacks – and one threat group had a field day
Ransomware concept image showing a warning symbol in red with binary code in background.
Healthcare systems are rife with exploits — and ransomware gangs have noticed
An abstract image showing a skull over a pixelated background to symbolise a cyber security vulnerability
Global cyber attacks jumped 44% last year
A glowing blue padlock with coiled red CGI data around it, representing new ransomware.
The new ransomware groups worrying security researchers in 2025
Black padlock sitting on laptop keyboard with red background, representing the BlackLock ransomware group.
There’s a new ransomware player on the scene: the ‘BlackLock’ group has become one of the most prolific operators in the cyber crime industry – and researchers warn it’s only going to get worse for potential victims
An abstract CGI image of a large green cuboid being broken in half with yellow, orange, and red cubes to represent ransomware resilience and data encryption.
Building ransomware resilience to avoid paying out
Latest in Ransomware
Ransomware concept image showing a warning symbol in red with binary code in background.
Healthcare systems are rife with exploits — and ransomware gangs have noticed
An abstract CGI image of a large green cuboid being broken in half with yellow, orange, and red cubes to represent ransomware resilience and data encryption.
Building ransomware resilience to avoid paying out
A hand on a keyboard in a dark room
Alleged LockBit developer extradited to the US
Ransomware concept image showing digitized padlock pictured on a laptop screen on red background
February was the worst month on record for ransomware attacks – and one threat group had a field day
Medusa statue bust on white background
CISA issues warning over Medusa ransomware after 300 victims from critical sectors impacted
Ghost in front of light with a silhouette on orange background
Warning issued over prolific 'Ghost' ransomware group
Latest in News
Ransomware concept image showing a warning symbol in red with binary code in background.
Healthcare systems are rife with exploits — and ransomware gangs have noticed
Application security concept image showing a digitized padlock placed upon a digital platform.
ESET looks to ‘empower’ partners with cybersecurity portfolio updates
Male software engineer working on a laptop at a home office desk with two PC monitors sitting on top of desk.
‘This shift highlights not just a continuation but a broad acceptance of remote work as the norm’: Software engineers are sticking with remote work and refusing to budge on RTO mandates – and 21% would quit if forced back to the office
Databricks logo and branding pictured on a MacBook Pro screen.
Databricks and Anthropic are teaming up on agentic AI development – here’s what it means for customers
Dell Technologies logo and branding pictured at the company's stall at Mobile World Congress (MWC) in Barcelona, Spain.
Scale of Dell job cuts laid bare as firm sheds 10% of staff in a year
Male employee sitting at a desk working on a laptop with earphones in and books scattered on desk.
Employees want purpose, and they’re willing to quit to find it – upskilling, career growth, and work-life balance have shifted priorities for workers