
The State of Ransomware in 2023: Statistics, Data & Trends


In 2023, ransomware continued to be one of the most formidable challenges in the cybersecurity landscape. This form of cyberattack involves encrypting a victim’s data and demanding payment for its release. In the past years, ransomware has grown in sophistication and scale to affect businesses, governments, and individuals alike.

Let’s take a look at how damaging and yet widespread ransomware has been so far this year. 

The Current State of Reported Ransomware

Recent case studies and ransomware statistics paint a concerning picture of ransomware’s impact in 2023. More businesses are affected across all industries, from the healthcare system to the supply chain industry. 

  • According to Statista, about 70% of businesses will suffer one or more ransomware attacks in 2022 and the trend will increase in 2023 and beyond.
  • The number of reported ransomware attacks in the U.S. grew by 47% between January 2020 and December 2022. 

How much is ransomware costing businesses?

  • The number of ransomware attacks increased by over 37% in 2023. The average company ransom payment exceeded $100,000 with a $5.3 million average demand.
  • According to Statista, 71% of the infrastructure of global businesses was impacted by ransomware gangs. A total of 62.9% of the ransomware victims paid the ransom to recover their data and use of their networks and devices. 
  • According to Cybersecurity Ventures, global ransomware groups are expected to increase by 30% year-over-year over the next decade. The cost of ransomware is estimated to exceed $265 billion annually by 2031, with at least one ransomware attack happening every two seconds. This shows the scope of ransomware and the damage cybercriminals inflict on the businesses they hit.

Which industry is most affected by ransomware?

  • Blackfog reports that education, government, and healthcare are the top three sectors to experience a ransomware attack in 2022. This makes sense as these industries work with sensitive data services and personal information that must remain private and protected. Cybercriminals target these industries because they know they can’t afford for the sensitive information to be lost or publicized. Organizations have to pay the ransom demands to protect their assets and reputation. 
  • An IBM report showed that for the last 12 years, the healthcare system had the greatest average cost of ransomware for any industry at $10.1 million per incident response. 
  • According to a Trend Micro study: 
    • 57% of interviewed healthcare organizations reported a ransomware payment attack within the past three years. 
    • 25% had to stop operations due to the attack, which meant they couldn’t work, function, and make money while trying to get their network and financial services back in place. 
  • A worrying case study came from Verizon regarding ransomware in the education industry:
    • The education sector accounted for 30% of the data breaches in 2022.
    • There were 1,241 data breach incidents.
    • 282 of the affected businesses confirmed they lost data or experienced exposure.
    • 75% of the violations came from external cybercriminals. 25% came from internal threats, which points to how damaging internal negligence or deliberate disclosure can be.

How prepared are small and medium businesses against ransomware?

Small businesses are particularly vulnerable. A study reported by UpCity says only half of United States small businesses have a cybersecurity plan against a potential ransomware group attack. This makes them particularly exposed to cyber hackers, which can seriously damage their networks and operations. They can lose data and sensitive information and a ransomware event can damage their reputation with their customers. 

Other statistics are just as worrying:

  • According to Verizon, of 832 ransomware attacks, 130 confirmed data loss. Businesses trying to recover lost data divert money and effort that would otherwise go toward more profitable aims.
  • An average business needs 22 days to recover from a malware attack. That means immense income loss and a disruption that is far bigger than the actual ransom paid. 
  • Almost half of the businesses hostage to ransomware paid to prevent revenue loss:
    • 41% of the rest paid ransom to make the recovery process faster, so they would lose less. 
    • Of those with reported lost revenue, two-thirds said they lost between $1 and $10 million. 
    • Over one in two companies that experienced ransomware payment discovered corrupted data after erasing the encryption.

What are the most common cybercrimes?

The most common cybercrimes across the globe include: 

  • Penetrating corporate networks
  • Stealing data for ransom
  • Gaining unauthorized access to sensitive information like names, credit card details, passwords, PINs, health details, addresses, and terms of service. 
  • Encrypting devices so that their legitimate users can no longer use them. Once the ransom is paid, hackers remove the encryption.

Key Trends and Developments for 2023 and beyond

Several key trends have emerged in the ransomware landscape this year, which show how the cybercriminal world is evolving.

Cybercrime as a business

Cybercrime has become a business that is adapting to making money out of damaging networks and stealing organizations’ data and information. 

Threat actors often subcontract their work and pay the subcontractor with a percentage of the ransom. This new practice has been called ‘Ransomware as a Service’ (RaaS). 

RaaS involves cybercriminals selling or renting to others the ransomware tools necessary to penetrate a network. This means the world of cybercrime is widening. An increasing number of dangerous players can wreak havoc on businesses’ processes, as they don’t need to develop the necessary tools, something that has traditionally required time and money. Instead, they buy or rent them. This is one reason why cybercrime has increased both in scope and numbers.

Double extortion

‘Double extortion’ tactics are becoming increasingly prevalent, where attackers not only encrypt data but also threaten to release it publicly unless the ransom is paid. ‘Double extortion’ aims at making sure businesses have no other solution but to pay the ransom. 

Sensitive industries targeted by ransomware attacks

Another notable trend is the targeting of specific industries, such as healthcare and education, due to their critical need for immediate data access and thus a higher likelihood of paying the ransom. 

The Impact on Businesses and Individuals

The impact of ransomware extends beyond financial losses due to the ransom payments. 

For individuals, ransomware attacks can result in the loss of sensitive personal data and significant financial strain.

Businesses, however, also face operational disruptions, loss of reputation, legal repercussions, and the cost of recovery and strengthening cybersecurity post-attack. 

Preventative Measures and Best Practices

In combating ransomware, proactive measures are key. 

This includes regular backups of critical data, employee training to recognize and avoid phishing attempts (a common vector for ransomware), and implementing sustained security solutions like antivirus software and firewalls. 

Businesses should also set up a response plan for potential ransomware attacks, emphasizing rapid detection and containment.

Protect Your Business with Corporate Technologies

Ransomware in 2023 represents a complex and evolving threat affecting millions of people, but it is not insurmountable. Staying informed about the latest technology trends and top ransomware variants and their tactics is essential for effective defense. By adopting comprehensive security measures, individuals and organizations can significantly reduce their risk of falling victim to many ransomware attacks. A united front integrating technology, law enforcement, and strategic cybersecurity measures is key to mitigating the damage caused by these insidious attacks on our systems.

Safeguard your system or network, especially sensitive financial information, by letting Corporate Technologies fortify your digital defenses and ensure the security of your critical assets. Contact us today to find out more!
