Barracuda Threat Report Reveals Spike In Ransomware To More Than 1.2 Million Per Month

New fourth-annual research report analyses ransomware attack patterns that occurred between August 2021 and July 2022

Fleming Shi, CTO at Barracuda


  • In the past 12 months, Barracuda researchers identified and analysed 106 highly publicised ransomware attacks and found the dominant targets are still five key industries: education, municipalities, healthcare, infrastructure, and financial.
  • Researchers also saw a spike in the number of service providers that have been hit with a ransomware attack.
  • The volume of ransomware threats detected spiked between January and June of this year to more than 1.2 million per month.

Barracuda, a trusted partner and leading provider of cloud-first security solutions, today released its fourth-annual threat research report on ransomware. The new report looks at ransomware attack patterns that occurred between August 2021 and July 2022.

Read the full Threat Spotlight blog post:

A closer look at ransomware trends 

For the 106 highly publicised attacks our researchers analysed, the dominant targets are still five key industries: education (15%), municipalities (12%), healthcare (12%), infrastructure (8%), and financial (6%):

  • The number of ransomware attacks increased year-over-year across each of these five industry verticals, and attacks against other industries more than doubled compared to last year’s report.
  • While attacks on municipalities increased only slightly, Barracuda analysis over the past 12 months showed that ransomware attacks on educational institutions more than doubled, and attacks on the healthcare and financial verticals tripled.
  • This year, Barracuda researchers dug in deeper on these highly publicised attacks to see which other industries are starting to be targeted. Service providers were hit the most, and ransomware attacks on automobile, hospitality, media, retail, software, and technology organisations all increased as well.

Most ransomware attacks don’t make headlines, though. Many victims choose not to disclose when they get hit, and the attacks are often sophisticated and extremely hard to handle for small businesses. To get a closer look at how ransomware is affecting smaller businesses, the report details three examples that researchers have seen through Barracuda SOC-as-a-Service, the anatomy of each attack, and the solutions that can help stop these attacks.

“As ransomware and other cyberthreats continue to evolve, the need for adequate security solutions has never been greater,” said Fleming Shi, CTO at Barracuda. “Many cybercriminals target small businesses in an attempt to gain access to larger organisations. As a result, it is essential for security providers to create products that are easy to use and implement, regardless of a company’s size. Additionally, sophisticated security technologies should be available as services, so that businesses of all sizes can protect themselves against these ever-changing threats. By making security solutions more accessible and user-friendly, the entire industry can help to better defend against ransomware and other cyberattacks.”

How to protect against ransomware attacks

There are five steps you can take now to protect your organisation:

  • Disable macros— Implement execution prevention by disabling macro scripts from Microsoft Office files transmitted via email.
  • Set up network segmentation —Implementing robust network segmentation will help reduce the spread of ransomware if it does get into your system.
  • Remove unused or unauthorised applications— Investigate any unauthorised software, particularly remote desktop or remote monitoring, which could be signs of compromise.
  • Enhance web application and API protection services— Secure your web applications from malicious hackers and bad bots by enabling web application and API protection services, including distributed denial of service (DDoS) protection.
  • Reinforce access control on backups— Backup should be offline/cloud credentials should be different than normal credentials.

Rule-based security solutions are going to be weak against these type of attacks and the ways they are evolving. As the attack surface expands, it requires artificial intelligence both to drive efficacy and to understand the behaviour of these attacks.


Read the full Threat Spotlight blog post:  

Ransomware protection page:

Get the e-book:

2021 Ransomware Threat Spotlight research:

Subscribe to our blog to receive recaps by email and get the latest news, research, and more: