The number of ransomware attacks increased by 26 percent in 2021, compared to 2020. This according to a new annual report from the IT security company Truesec.
The figures apply to the attacks that the company has handled.
An overall picture of how many have been affected is difficult to obtain because only a few, according to police estimates, a single percent, choose to report crime.
A ransomware attack is an attack in which hackers intrude on an organization's IT system.
The criminals take over and lock all computers and steal sensitive information.
To get the key and information back, the organization is required to pay a ransom.
- These are billions that have been managed to be traced to the criminals' accounts.
And that in turn fosters crime further, says Truesec founder Marcus Murray.
Difficult to investigate
In 2021, several high-profile IT attacks took place in Sweden.
Last summer, the food giant Coop's checkout system was shut down and almost all stores had to close.
In December, Kalix municipality was excluded from all IT systems and had to switch to manual work.
The cost of the repair has so far been just over SEK 2.3 million - and not all of the municipality's systems are in operation yet.
The preliminary investigation was recently closed due to lack of evidence.
The fact that the crimes often take place from other countries, not least Russia, makes them difficult to investigate.
- At the bottom, the actors in countries that do not cooperate with Western police authorities are in their investigations.
They also do not disclose any person that we have identified in those countries to be prosecuted in Sweden, says Jan Olsson at the National IT Crime Center at the police.
But how does an attack really work? In the clip, Marcus Murray goes through a typical five-step attack.