Ransomware statistics that reveal alarming rate of cyber extortion
In this article, you will find excerpts from various reports that offer statistics and insights about the current ransomware landscape.
Global ransomware crisis worsens
NTT Security Holdings | 2024 Global Threat Intelligence Report | May 2024
- Ransomware and extortion incidents surged by 67% in 2023
- Manufacturing topped the list of attack sectors in 2023 at 25.66% and had the most ransomware victims posted on social channels with 27.75%.
Ransomware attacks impact 20% of sensitive data in healthcare orgs
Rubrik | The State of Data Security: Measuring Your Data’s Risk | May 2024
- 93% of external organizations that endured a ransomware attack reported paying a ransom demand, with 58% of these payments motivated primarily by threats to leak stolen data.
Ransomware activity is back on track despite law enforcement efforts
Corvus Insurance | 2024 Q1 Ransomware Report | May 2024
- In January, Corvus reported that global ransomware attacks in 2023 set a record high, surpassing 2022 by close to 70%.
- According to the data, 1,075 leak site ransomware victims were posted on leak sites during the first quarter of 2024, despite the disruption of two major ransomware groups, LockBit and ALPHV/BlackCat, which accounted for 22% and 8% of the activity, respectively.
Ransom recovery costs reach $2.73 million
Sophos | The State of Ransomware 2024 | May 2024
- Average ransom payment has increased 500% in the last year.
- 63% of ransom demands were for $1 million or more, with 30% of demands for over $5 million, suggesting ransomware operators are seeking huge payoffs.
Behavioral patterns of ransomware groups are changing
GuidePoint Security | GRIT Q1 2024 Ransomware Report | April 2024
- Q1 2024 resulted in a nearly 20% increase in reported victims over Q1 2023, despite the disruption of LockBit and the disbandment of Alphv, two of the largest and most prolific ransomware groups.
- The number of active ransomware groups more than doubled year-over-year, increasing 55% from 29 distinct groups in Q1 2023 to 45 distinct groups in Q1 2024.
Cybercriminals harness AI for new era of malware development
Group-IB | Hi-Tech Crime Trends 2023/2024 | March 2024
- The alliance between ransomware groups and initial access brokers (IABs) is still the powerful engine for cybercriminal industry, as evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak sites (DLS).
- Companies based in North America most commonly appeared in the DLS posts of ransomware groups, accounting for 2,487 (or 54%) of the annual total, and more than double the corresponding figure in 2022 (1,192 companies).
The old, not the new: Basic security issues still biggest threat to enterprises
IBM | IBM Security X-Force Threat Intelligence Index 2024 | February 2024
- Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure.
- Nearly one in three attacks observed worldwide targeted Europe, with the region also experiencing the most ransomware attacks globally (26%).
2024 will be a volatile year for cybersecurity as ransomware groups evolve
Arctic Wolf | Arctic Wolf Labs 2024 Threat Report | February 2024
- Hackers have significantly increased demands for ransomware, rising over 20% year-over-year to $600,000.
- Despite BEC incidents outnumbering ransomware incidents by a factor of 10, a ransomware incident is 15 times more likely than a BEC incident to lead to an incident response investigation.
Paying ransoms is becoming a cost of doing business for many
Cohesity | Cohesity Research | February 2024
- 94% of respondents said their company would pay a ransom to recover data and restore business processes, while 5% said ‘maybe, depending on the ransom amount.’
- 67% said their company would be willing to pay over $3 million to recover data and restore business processes, with 35% of respondents saying their company would be willing to pay over $5 million.
Ransomware tactics evolve, become scrappier
Malwarebytes | 2024 ThreatDown State of Malware | February 2024
- Alongside the rise of ransomware attacks in 2023 (68%), the average ransom demand also climbed significantly. The LockBit gang was responsible for the largest known demand, $80 million, following an attack on Royal Mail.
Cybercriminals replace familiar tactics to exfiltrate sensitive data
Delinea | State of Ransomware 2024: Anticipating the Battle and Strengthening Your Defenses | January 2024
- Mid-sized companies appeared to be in cybercriminals’ crosshairs the most, with 65% stating they’ve been a ransomware victim over the past 12 months.
- While 91% of organizations indicated they have specific budget allocations for ransomware, up from 68% in 2022, only 61% (down from 76%) said security budgets were allocated following an attack, which could be due to economic uncertainty or tighter budgets.
Organizations invest more in data protection but recover less
Veeam Software | Veeam Data Protection Trends Report | January 2024
- 92% of organizations will increase 2024 data protection spend, to achieve cyber resilience amidst continued threats of ransomware and cyberattacks.