Top 5 targeted geographic regions (July 2019-June 2020) It is possible that the focus and heavy targeting of Western countries, particularly the US, stems from these countries being perceived as wealthier, with more funds to pay the ransom compared to other, non-Western countries, and thus ransomware gangs belie e the are more likel to generate a proåft out of them. However, coupled with the apparent Russian origin (of at least some) of the attackers, other possible moti es to focusing on Western countries ma come to mind. As already stated, ransomware attacks have increasingly become more targeted, similarly to the way state-sponsored attacks are typically targeted, as they are intended to ser e their go ernment’s national interests. In addition, state-sponsored attacks often in ol e e åfltrating and stealing ictims’ data, hich as e mentioned earlier, is a trend recently adopted by ransomware threat actors, who are usually considered to be åfnanciall moti ated. According to data gathered b Microsoft bet een Jul 2019 and June 2020, Russian state-sponsored threat actors ere responsible for 52% of the APT-related acti ities detected by the company over this period 18 . In addition, they found that the US was the top targeted geographic region by state-sponsored actors over the same time period: 69% of state-sponsored attacks targeted the US, follo ed b the UK (19%), Canada (5%), South Korea (4%) and Saudi Arabia (3%). 18. Screenshot of an advertisements of the DarkSide ransomware gang on Russian Dark Web forum 3.3 MOTIVES OF RANSOMWARE GROUPS 69% | United States 19% | United Kingdom 5% | Canada 4% | South Korea 3% | Saudi Arabia https://blogs.microsoft.com/on-the-issues/2020/09/29/microsoft-digital-defense-report-c ber-threats/ 15 | The Ransomware Landscape