H1-2024: Ransomware Attacks Increased 68% in Severity

Date: November 12, 2024

According to Coalition’s 2024 Cyber Claims Report: Mid-Year Update, while the frequency of ransomware attacks slightly decreased in early 2024, their severity intensified.  

Analyzing claims from January to June, Coalition noted that claims from smaller businesses (under $25 million in revenue) dropped by 4%, averaging $73,000 per incident, the HIPAA Journal reports.

However, mid-sized and larger companies saw claim amounts rise significantly, with a 140% increase among businesses with over $100 million in revenue, pushing average losses to $307,000 per incident.  

Ransomware attacks were particularly costly, averaging $353,000 per incident, marking a 68% increase in attack severity compared to the previous half-year.

Despite a 32% drop in ransomware incidents targeting large healthcare organizations, healthcare sector attacks surged by 134% compared to early 2023. High-profile disruptions included attacks on Change Healthcare and CDK Global, impacting major segments of the healthcare and automotive industries.  

Notably, Play and BlackSuit ransomware groups led with record demands of $4.3 million and $2.5 million, while law enforcement actions disrupted the previously dominant LockBit group.

Ransomware claims comprised 18% of all claims, trailing behind business email compromise (32%) and fund transfer fraud (27%). Also, the use of AI tools contributed to a 4% rise in business email compromise claims, though their severity fell by 30%.  

Takeaway: The first half of 2024 has already seen nearly half a billion dollars paid out in ransoms, reflecting not just the frequency of attacks but also the escalating demands from threat actors.  

The surge in ransom demands—now regularly exceeding a million dollars—indicates that attackers are focusing on larger organizations with more resources, positioning these entities as primary targets.

High-profile incidents in healthcare, automotive, and critical infrastructure sectors demonstrate the far-reaching implications of ransomware on essential services. Attacks on healthcare and other critical sectors not only disrupt business operations but also have severe societal impacts, threatening patient care, safety, and supply chains.

As ransomware attacks continue to exploit vulnerabilities and configuration weaknesses in widely used software, organizations across industries face a pressing need to close these security gaps.

Beyond ransom payments, the costs associated with ransomware are extensive. Organizations not only face direct ransom demands but also bear the burden of recovery expenses, regulatory fines, legal ramifications, and long-term reputational damage.  

The total financial toll of a ransomware incident can far exceed the initial ransom itself, especially for organizations with complex infrastructures, and the legal and regulatory fallout can be even more costly.

Attackers have become increasingly adept at automating and scaling their operations, leveraging unpatched software vulnerabilities to strike multiple targets swiftly.  

While completely eliminating ransomware threats may be unachievable, implementing effective prevention, resilience, and response strategies can reduce the likelihood of a successful attack.

Building this resilience is crucial in countering the thriving ransomware industry and minimizing the cascading economic impact that ultimately reaches consumers and broader markets.

Halcyon.ai eliminates the business impact of ransomware, drastically reduces downtime, prevents data exfiltration, and enables organizations to quickly and easily recover from attacks without paying ransoms or relying on backups – talk to a Halcyon expert today to find out more. Halcyon also publishes a quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile.