The state of ransomware in 2023: Figures, trends, and notable attacks so far

The state of ransomware in 2023: Figures, trends, and notable attacks so far

In a ransomware attack, attackers use malware to encrypt their victim's sensitive data in exchange for a ransom. In recent years, ransomware attacks have become increasingly widespread, leaving a trail of financial ruin, operational disruption, and reputational damage in their wake.

In 2023, ransomware continues to be a formidable and serious threat to businesses. Here are the top reasons why.

Attacks are increasing in frequency and severity

Forty-eight percent of all IT professionals who responded in the 2023 Thales Data Threat Report reported a rise in ransomware attacks. Additionally, more than a fifth (22%) of organizations surveyed said that they experienced a ransomware attack in the past 12 months. These statistics emphasize the growing prevalence of ransomware attacks and underline the need for enhanced cybersecurity measures to protect businesses and their data.

But that's not all. According to Sophos' The State of Ransomware 2023, the percentage of ransomware attacks in which the attackers were able to encrypt the victim's data has increased to 76%, the highest level in four years. This is likely because attackers are leveraging increasingly sophisticated processes and are becoming more adept at finding critical system vulnerabilities.

Data recovery costs are getting steeper

Ransom payments constitute only a portion of the overall expenses associated with recovering from ransomware incidents. Excluding ransom payments, Sophos still estimates an average recovery cost of 1.82 million USD (2.48 million CAD), an uptick from 1.4 million USD (1.9 million CAD) in 2022.

The figure is only expected to skyrocket in the coming years. Cybersecurity Ventures predicts that ransomware attacks will reach 265 billion USD (360 billion CAD) annually by 2031. This estimate is based on the assumption that the damage costs will grow by 30% each year for the next 10 years. Every two seconds, a new ransomware attack is expected to target either consumers or businesses as ransomware developers continue to improve their malware and extortion methods.

New players and techniques are on the rise

LockBit has been the most dominant Ransomware-as-a-Service group for the past year and a half. However, in March and June of 2023, CL0P surpassed LockBit's attack rate by a significant margin. CL0P was able to achieve this by exploiting zero-day vulnerabilities in the GoAnywhere MFT and MOVEit Transfer software. These vulnerabilities allowed them to gain unauthorized access to victims' networks and launch ransomware attacks on a massive scale.

If more ransomware groups start adopting CL0P's zero-day exploitation techniques, the ransomware landscape could change dramatically. Ransomware attacks could become more frequent and more difficult to defend against.

Specific industries are more vulnerable to ransomware’s impacts

Some of the most notable ransomware attacks this year include the breaches on Royal Mail (January), Capita (March), and HWL Ebsworth (June), underscoring the fact that ransomware is a growing problem across industries.

But while no industry is spared from ransomware attacks, Sophos cautions that the type of industry a business is in plays a significant factor in whether or not it will lose business or revenue after an attack. Overall, businesses in education and construction and property sectors, which typically use outdated technology and systems, are the most likely to report some loss of business or revenue due to a ransomware attack. Meanwhile, businesses in the IT, technology, and telecoms sector are the least likely to suffer from ransomware attack, as they generally have sufficient resources and robust backup and disaster recovery plans that mitigate the impact of cyberthreats.

XBASE Technologies can protect businesses from ransomware

Ransomware is a serious threat to businesses in 2023 and beyond. If you’re not prepared for a ransomware attack, you could lose not just your data and your customers, but also your business.

XBASE Technologies can help set up proactive solutions to defend your organization against ransomware and other cyber risks. We are one of Toronto's most trusted technology partners, and we offer a comprehensive range of security solutions, including 24/7 monitoring, proactive threat detection, incident response, and backup and recovery services.

Contact us today and discover how our EXponentially Better™ services mitigate the risk of cyberthreats.