Ransomware payments hit $1.1 billion in 2023, a record high and twice what they were in 2022. The frequency, scope and volume of attacks were all up, as was the number of independent groups conducting the attacks, according to a report by Chainalysis.
“We’re tracking dozens more groups than we used to,” Chris Morgan, senior cyber threat intelligence analyst at ReliaQuest, tells CSO. “And a lot of these groups are taking experience from one operation and starting their own operation in the back of it, often in the wake of law enforcement activity.” With more business activities taking place online, there are more potential victims for ransomware, Morgan says. Plus, there are some countries where law enforcement has limited jurisdiction, a vacuum of opportunity for groups to emerge.
The size of each individual payment is also up, with more than three quarters of all payments totaling $1 million or more — up from just over half in 2021. The only bright spot last year was that more victims refused to pay ransoms and restored from backups, instead. According to Coveware, only 29% of victims paid up in the fourth quarter of 2023, a record low — and down from 85% in 2019. Similarly, cyber insurance claims data from Corvus Insurance, shows that only 27% of victims pay ransoms.