However, 2021 ransomware attacks were up 93% for the year compared with 2020. NCC says that the decrease is likely due to seasonal factors and has been seen in prior years. January victims numbered 121 businesses compared with 191 in December. North America and Europe accounted for 86% of ransomware attacks sharing almost equal numbers of victims. The industrial sector is the most targeted with one in four attacks, followed by the consumer cyclical sector with 22%. NCC said that the major ransomware packages such as Lockbit 2.0 remain popular, but Conti has fallen out of favor. A new threat actor called NightSky appeared in January and is rapidly growing in use because it offers a double extortion mode that encrypts files and also threatens to leak the data on the dark web. Matt Hull, global lead for strategic threat intelligence at NCC Group, said: “Highly targeted sectors should ensure that they have adequate ransomware mitigations in place. The partial dip in activity from groups such as Conti should not be inferred as a decreased threat, as it’s likely that its activity will increase in proportion with its peers in the coming months.” NCC notes that there is some concern that the Ukraine/Russia conflict could result in cyber attacks on Ukraine and its allies. Its experts are monitoring the situation.