Israel submitted the highest number of ransomware samples for analysis to a cybersecurity research group commissioned by Google to publish a major study on the phenomenon, according to data released Thursday.
Cybersecurity firm VirusTotal published the Ransomware Activity Report, which entailed reviewing 80 million ransomware samples from 140 countries.
Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran and the United Kingdom were the 10 most-affected territories based on the number of submissions reviewed by VirusTotal.
According to the report, Israel had a near 600 percent increase from its baseline number of submissions between January 2020 and September 2021. It was not clear what Israel’s baseline was.
The report added that Windows-based computers accounted for 95% of the ransomware targets, compared to just 2% on Android devices.
The report comes as an Israeli hospital faced a major ransomware cyberattack, crippling systems, which could take months to recover.
And earlier this week, Microsoft said that it had identified a group of Iranian hackers targeting Israeli and American defense technology companies using the tech giant’s products, as well as firms running maritime shipping in the Middle East.
The statement came as Israel and Iran have accused each other of attacks on ships in the Middle East, and amid reports of growing efforts by Tehran to avenge the death of its top nuclear scientist Mohsen Fakhrizadeh, killed last year.
Separately, Google warned on Friday of a surge in state-backed hackers, with a report focusing on the “notable campaigns” of a group linked to Iran’s Revolutionary Guard Corps.
In July, cybersecurity firm Check Point reported that Israeli institutions are targeted by about twice as many cyberattacks as the average in other countries around the world, particularly the country’s health sector, which experiences an average of 1,443 attacks a week.
The most targeted sectors around the world, including in Israel, are education and research, followed by government and security organizations, and then health institutions, Check Point said.
The report found that, on average, one in every 60 Israeli organizations or firms is targeted every week with ransomware attacks, an increase of 30% over the rate in 2020.
Separate new data out Friday showed $590 million in ransomware-related payments were reported to United States authorities in the first half of 2021, setting a pace to beat totals for the previous decade as cyber-extortion booms.
According to the US Treasury Department report, the figure is 42% higher than the amount reported by financial institutions for all of 2020.
The crime involves breaking into an entity’s networks to encrypt its data, then demanding a ransom, typically paid via cryptocurrency in exchange for the digital key, to unlock it.
Washington has sought to crack down on a sharp rise in attacks, including issuing its first sanctions against an online exchange where illicit operators have allegedly swapped cryptocurrency for cash.
Recent assaults on a major US oil pipeline, a meatpacking company and the Microsoft Exchange email system drew attention to the vulnerability of US infrastructure to digital pirates.
The report, based on the suspicious activity alerts that financial firms have to file, noted it was unclear if the jump represented increased awareness of the cybercrime.
The victims of the attacks were not identified in the report.
The new data on the scale of payments related to hacks came after more than two dozen nations resolved to collectively fight ransomware during a Washington-led summit.
The US gathered the countries — with the notable exception of Russia — to unify and boost efforts to fight cybercrime that is transnational, on the rise, and potentially devastating.
Stronger digital security and offline backups, as well as collectively targeting the laundering of the attacks’ proceeds, were identified as crucial steps in the fight.
“We will consider all national tools available in taking action against those responsible for ransomware operations threatening critical infrastructure and public safety,” the nations said in a joint statement.
The UK, Australia, India, Japan, France, Germany, South Korea, the European Union, Israel, Kenya, Mexico, and others were among the roughly 30 countries and territories that joined in the virtual gathering that ran from Wednesday to Thursday.