computer with words pay up in ransom text

Who Is Most Affected by Ransomware and Why?

You can’t look at the news without reading about a new ransomware attack, and no organization seems safe. Ransomware attacks can destroy businesses, from the financial effects to loss of trust to fines and reputation damage, ransomware is a nightmare for executives and IT teams alike. The average cost of a ransomware attack is $1.85 million for organizations that pay, and over $700,000 for organizations that don’t, certainly not an amount to sneeze at, and the largest ransom demand observed so far in 2021 is $100 million.

While ransomware attacks can affect any organization, of any size, certain industries and verticals are more susceptible to attack than others—but what are these sectors, and why are they more vulnerable?

Who Is Most Affected by a Ransomware Attack?

Due to the nature of the information they store and share, certain sectors need to be on high alert for ransomware attacks. Extra precautions to secure their information in order to prevent credential-based attacks are necessary. 


As the primary target of ransomware attacks, healthcare saw a huge surge in cyberattacks from criminals seeking out personal and confidential medical data. Due to the sensitive nature of the information, the impact of the COVID-19 pandemic on the healthcare industry, and the sheer volume of information, ransomware attacks on the industry reached a peak of 500 exposed records per day. Here are other reasons healthcare suffers the most from ransomware attacks, just to name a few:

  • Rapidly increasing attack landscape as electronic health records and telemedicine become even more necessary in a growing digital age
  • The rush to remote work exposing VPN vulnerabilities, leaving the door wide open for hackers
  • Outdated, legacy systems and devices that remain in service due to budget constraints
  • Downtime concerns, as medical facilities cannot afford to offline for any period of time, any time of day
  • Large ecosystems of practitioners and specialists mean many opportunities for third-party vulnerabilities

The trend of healthcare cyberattacks, however, extends far beyond just the last year of crisis—healthcare data breaches increased by over 2,733% in the 10 years between 2009 and 2019. Some notable healthcare companies that have suffered from ransomware attacks in recent years include Merck, Universal Health Services, and Eskenazi Health. These attacks can quickly cripple massive healthcare organizations that require 24/7 operation.

Here are some facts about healthcare ransomware attacks:

Education Sector

Ransomware attacks have dramatically increased in the education sector as schools and educations had to suddenly shift to online learning throughout the COVID-19 pandemic. Many schools were not prepared for this sort of drastic change, and therefore the IT infrastructure wasn’t set up to support it, either. Some other reasons include...

  • Due to limited budgets, many education-based organizations lack cybersecurity training, strong IT security, or even basic tech support for students and teachers
  • Students are far more likely to engage in risky online behaviors, such as opening suspicious attachments and falling for phishing schemes. 
  • Schools, universities, and other educational institutions often carry sensitive data about their student body, such as addresses, social security numbers, and health records—information other organizations would never have access to

This combination of factors creates the perfect storm for hackers to make their move. Much like the healthcare industry, ransomware attacks on the education sector are detrimental to organizations that are already strapped for funds, time, and manpower, and cannot afford any downtime.

Information Technology

Much like the education sector, fast changes to the IT industry during the COVID-19 pandemic left this sector strapped for resources and manpower. Additionally, the IT industry often carries more sensitive information than others, leaving them an attractive target to malicious actors.

But make no mistake—all industries can fall prey to a ransomware attack, and with a 30% growth in attacks year over year, and a global cost of over $20 billion a year, knowing how to identify and prevent a ransomware attack is absolutely necessary for any organization. 

How Eliminating Passwords Prevents Ransomware Attacks

Ransomware attacks were previously much less of an issue than they are today—in fact, there has been a 62% increase in ransomware attacks since 2019. Due to the sudden increase, many organizations have been ill-prepared for the sudden influx, and have been using outdated methods to manage these modern attacks. 

passwordless MFA solution stops ransomware and other credential-based attacks in their tracks, by preventing them from ever occurring in the first place. With no passwords, there are no credentials to steal at all. 

Beyond Identity provides secure authentication without adding friction for users, and by eliminating passwords, leaves no credentials for malicious threat actors to steal. Beyond Identity verifies users and identities using the same cryptography tools that TLS uses to secure trillions of dollars of transactions daily. Organizations of all industries and sizes can reduce risk by eliminating all password-based attacks. 

It’s time that every organization remembers the one password tip that actually works… get rid of them once and for all!