- European companies are increasingly targeted by ransomware attacks
- High income and strict regulations make them lucrative targets, Crowdstrike notes
- Geopolitics also plays a role in the increased number of breaches
European businesses are increasingly the targets of ransomware and extortion, new research from CrowdStrike has claimed, with the region now accounting for nearly 22% of global ransomware victims, second only to North America.
Since 2024, over 2,100 victims have been deployed to ransomware leak sites across the continent – making European companies twice as likely to be targeted than those in the Asia-Pacific region, and the view that wealthier companies can pay higher ransoms makes them attractive targets.
The strict GDPR rules and heavy penalties that come with violations have created a perception that European companies are more likely to pay ransom demands, with lucrative industries such as manufacturing, professional services and technology most often targeted.
Evolving Threats
No matter where you are in the world, the tactics and techniques of ransomware attacks usually remain pretty similar. Credentials are dumped from backups, files are remotely encrypted, access is exploited to unmanaged systems to steal data and deploy ransomware, and Linux ransomware on VMware EsXI infrastructure is deployed.
While it’s a common playbook, it’s faster than ever for criminals to pull this off, with adversaries averaging just 35.5 hours between initial access and ransomware deployment – meaning security teams struggle to protect themselves after they detect an incident, even if they know what’s coming.
Geopolitics plays an important role in European attacks, with the war in Ukraine prompting politically motivated hacktivist groups to target supporters on each side, gather information and disable services.
“The cyber battlefield in Europe is more crowded and complex than ever,” said Adam Meyers, head of Counter Adversary Operations at CrowdStrike.
“We see a dangerous confluence of criminal innovation and geopolitical ambition, with ransomware teams using enterprise-grade tools and state-backed actors exploiting global crises to disrupt, persist and conduct espionage. In this high-stakes environment, intelligence-led defenses powered by AI and managed by human expertise are designed to stop the cyber threat.”
The best protection against identity theft for all budgets
