Ransomware Attacks and Data Extortion Claims Spike


November 8, 2023

World map

Researchers from a leading business insurance provider say that their data shows a “worrying resurgence” as ransomware and extortion claims have been increasing every year, surging from 40% in 2019 to almost 80% in 2022, and 2023 also trending higher.

"Hackers are increasingly targeting IT and physical supply chains, launching mass cyberattacks and finding new ways to extort money from companies large and small,” Insurance Journal reports.

“Most ransomware attacks now involve the theft of personal or sensitive commercial data for the purpose of extortion, increasing the cost and complexity of incidents as well as bringing greater potential for reputational damage.”

The report reveals that ransomware activity was up 50% year-over-year in the first two quarters of 2023, noting that ransomware operators are reducing the time to compromise and encryption significantly, with the average number of days required to carry out a successful attack falling from around 60 days in 2019 to just four days.

Takeaway: There is no comparable threat out there as pervasive as what we are seeing with the explosion in the number of ransomware operators, variants, affiliate threat actors, and total dollar losses to victim organizations.

Other recent reports estimated there have been more than 2,300 successful ransomware attacks in just the first half of 2023, and that overall, ransomware attacks were up 74% in Q2-2023 over Q1 volumes.

The actual numbers are certain to be much higher than what is being reported given yet another recent study which found that over half (61%) of executives surveyed said their organization opted not to report a major ransomware attack to law enforcement.

Combine that with an FBI assessment from 2022 where the agency came to the shocking conclusion that only about 20% of attacks were being reported to law enforcement. This assessment was based on the FBI observing monitoring the activity of the infamous Hive ransomware gang for seven months after infiltrating their operations.

Based on these estimates there may have actually been upwards of 10,000 successful ransomware attacks or more in the first half of 2023, but they are simply not being reported.

While authorities have been making some efforts to help organizations get a handle on the ransomware threat, all of the efforts to stem the tide of ransomware attacks are hampered by our not truly understanding the magnitude of this growing threat.

Security teams need hard numbers to quantify the risk accurately and make the required recommendations for investments to security programs. Without accurate assessments of the threat, they are going to have an even harder time getting adequate finding in a timely manner.

Security is a tough space when it comes to budgets. When a security program is running well, the outcome is that nothing happens, so justifying an increase in security spend is hard, and that's why we typically see organizations announce bit investments after they have been victimized.

If the federal government wants to have an immediate impact in combatting ransomware attacks, giving organizations accurate data to better measure their potential threat will go further than most anything else they can offer at this time.

Ransomware is one of the biggest threats to any organization today, and we can’t effectively address the threat if we don’t understand it fully.

Halcyon.ai is the industry’s first dedicated, adaptive security platform that combines multiple advanced proprietary prevention engines along with AI models focused specifically on stopping ransomware – talk to a Halcyon expert today to find out more. Halcyon also publishes a quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile.