Ransomware incidents in 2023 experienced a significant surge, increasing by almost 70% compared to the previous year, according to a report by Corvus Insurance [4]. This rise can be attributed to the fragmentation of well-known ransomware groups, who leaked their encryptors on the dark web [2], enabling new actors to develop variations of the strain [2]. The number of active ransomware groups also grew by 34% throughout the year [2] [4].


Despite a slight decrease in attacks in Q4 2023 compared to Q3 [4], the overall number of ransomware attacks for the year still exceeded the previous year’s total by 68% [4]. Law enforcement efforts in Q4 disrupted the ransomware ecosystem [4], resulting in a 7% drop in attacks from Q3 [4]. However, 2023 set a new record for ransomware attacks [4], with a total of 4,496 victims observed on ransomware leak sites [4]. Industries such as law practices and transportation [4], logistics [4], and storage were particularly targeted [1] [4].

Corvus Insurance collected and analyzed data from ransomware leak sites [3], revealing a record number of victim organizations [3]. By combining claims data with leak sites’ information [3], Corvus estimated that between 6,100 and 7,600 organizations fell victim to ransomware attacks [3]. The increase in attacks was facilitated by the exploitation of a security weakness in many organizations’ vulnerability management [3]. Threat actors were able to exploit victims quickly after a vulnerability was discovered [3], putting security teams’ patch management and vulnerability programs to the test [3].

Furthermore, ransomware incidents surged in 2023 [1] [2], with a 95% increase in ransomware leak sites compared to the previous year [1]. Law firms and municipalities were particularly targeted [1], as highlighted in a Q3 2023 report by Corvus Insurance. The impact of ransomware attacks can be severe [1], as demonstrated by recent examples such as three hospitals in Germany having their online systems shut down, resulting in a loss of critical patient care [1].


The rise in ransomware attacks in 2023 has had significant impacts on various industries, with law practices and transportation [4], logistics [4], and storage being particularly affected [4]. The fragmentation of ransomware groups and the subsequent development of new strains have contributed to the increase in attacks. The disruption caused by law enforcement efforts in Q4 shows the potential for mitigating these attacks.

To combat the growing threat of ransomware, enhanced security controls and cyber insurance policies are crucial [4]. Organizations must prioritize vulnerability management and patch management to prevent threat actors from exploiting security weaknesses. The surge in ransomware leak sites further emphasizes the need for proactive measures to protect sensitive data.

Looking ahead, the record-breaking number of ransomware attacks in 2023 serves as a warning for the future. It is imperative for organizations to invest in robust cybersecurity measures and stay vigilant against evolving ransomware tactics. By doing so, they can mitigate the risk of falling victim to ransomware attacks and safeguard their operations and sensitive information.


[1] https://continuityinsights.com/ransomware-attacks-surged-in-2023
[2] https://www.infosecurity-magazine.com/news/ransomware-incidients-high-law/
[3] https://www.techtarget.com/searchsecurity/news/366568380/Corvus-2023-was-a-record-breaking-ransomware-year
[4] https://www.innovationopenlab.com/news-biz/13605/global-ransomware-attacks-reach-record-high-for-2023-according-to-corvus-insurance-q4-ransomware-report.html