2023 Ransomware Statistics Roundup

The chatter around ransomware makes most people want to do one of two things:

1. Sit up and worry
2. Hide under a rock

Neither of these options is appealing.

We can’t deny the growing threat of ransomware, but it doesn’t mean we should let doom and gloom take over. Instead, we can look at the situation through a quantitative lens to better understand what we are dealing with, how to communicate risks to the business, and which actions to take for better security.

To help inform each of these actions, we’ve compiled a list of the most compelling ransomware statistics of 2023.

Ransomware Landscape

• 48% of IT professionals reported an increase in ransomware attacks, with 22% of organizations experiencing a ransomware attack in the past 12 months.
• In a study from Barracuda, the amount of ransomware victims was even broader. 73% of organizations experienced a successful ransomware attack in 2022. And 38% of organizations hit with ransomware were repeat victims.
• Verizon reported that ransomware continued its upward trend with an almost 13% increase – a rise as big as the last five years combined (for a total of 25% for 2022).
• According to IBM’s 2022 Cost of a Data Breach Report, ransomware attacks grew, and destructive attacks got costlier, increasing by over USD 430,000. This is partly because attacks took 49 days longer than average to identify and contain.
• Time to deploy ransomware dropped 94% over the last few years.
• Ransomware operators are increasing the pressure on organizations by doubling down on their techniques, including extortion and harassment. By late 2022, harassment was a factor in about 20% of ransomware cases.
• Backdoor deployments, which enable remote access to systems, were the most common type of attacker action in research by IBM. 67% of backdoor cases were failed ransomware attacks as defenders were able to disrupt the backdoor before the ransomware was deployed.
   

Ransomware Causes

• More than 90% of cyberattacks – including ransomware – are made responsible because of human error.
• Access brokers, who provide or sell credentials and access to organizations to ransomware operators, increased their ads by 112% compared to 2021. This highlights a reason why identity threat protection is critical to stopping breaches.
• Threat actors are continually working on getting past email security solutions. Phishing emails increased by 569% in 2022.
• 69% of ransomware attacks began with an email.

Ransomware Planning

• 51% of enterprises do not have a formal ransomware plan.
• 27% of organizations feel underprepared to deal with ransomware.
• 83% of respondents to a Sophos study have cyber insurance against ransomware, and 97% changed their defenses to improve their cyber insurance position. 
• Backups remain the #1 way to get data back after being attacked.
• On average, it takes 1 month to recover from a ransomware attack, and costs $1.4M on average to remediate an attack.

Turning Stats Into Action

It’s fun to read through statistics, but now it’s time to put them into action. Depending on how mature your ransomware protection is, that could mean using these numbers to communicate the need for new security solutions or security awareness programs. Or, they might inspire security assessments or a more in-depth incident response plan to ensure you are ready for an attack.

Need more ransomware protection resources? Visit our microsite to learn more.