Ransomware demands in 2023 continued to increase, with industries facing demands of $1 million or more per incident [2] [4] [6]. Cybercriminals determine ransom amounts based on various factors, leading to a rise in median initial demands to $600,000.
Description
In 2023, ransomware demands rose to a median initial demand of $600,000, a 20% increase from the previous year [1] [5]. Industries such as energy & natural resources [1] [5], retail [1] [2] [3] [4] [5] [6], legal & government faced demands of $1 million or more per incident [1] [5]. Cybercriminals determine ransom amounts based on victim resources, industry [1] [2] [3] [4] [5] [6], operational impact, insurance coverage [1], and attacker motivations. Manufacturing remained the most targeted industry on ransomware leak sites [1] [5], followed by business services [1], education & non-profit [1] [5] [6], and retail & wholesale [1] [5]. Ransomware incidents are more likely to trigger incident response investigations compared to BEC incidents. Vulnerabilities disclosed in 2022 or earlier were exploited in nearly 60% of incidents involving externally accessible systems. Ransom demands are expected to rise further in 2024 as ransomware groups expand their targets and tactics [3]. Legal [1] [2] [4] [5], government [1] [2] [3] [4] [5], retail [1] [2] [3] [4] [5] [6], and energy industries each faced median demands of $1 million or more [2] [4], with ransomware incidents being 15 times more likely than BEC incidents to lead to an incident response investigation [2] [4] [6]. Manufacturing [1] [2] [4] [5] [6], business services [1] [2] [4] [5] [6], and education/non-profit industries were the top three to appear on ransomware leak sites [4]. Leak sites were more likely to post data from victims who refused to pay or were perceived as stalling [1] [5].
Conclusion
The rise in ransomware demands in 2023 poses significant challenges for industries, with impacts on operational and financial aspects. Mitigations such as enhancing cybersecurity measures and incident response capabilities are crucial to combatting ransomware attacks. Looking ahead, ransomware incidents are expected to continue increasing [3], highlighting the importance of proactive cybersecurity strategies to protect against evolving threats.
References
[1] https://www.infosecurity-magazine.com/news/ransomware-demands-jump-2023/
[2] https://www.globenewswire.com/news-release/2024/02/20/2831493/0/en/Arctic-Wolf-Threat-Report-Highlights-Sharp-Rise-in-Ransom-Demands-and-BEC-Incidents.html
[3] https://siliconangle.com/2024/02/20/ransom-demands-surge-20-2023-hitting-key-industries-hardest/
[4] https://finance.yahoo.com/news/arctic-wolf-threat-report-highlights-060000734.html
[5] https://ciso2ciso.com/initial-ransomware-demands-jump-20-to-600000-in-2023-source-www-infosecurity-magazine-com/
[6] https://www.sdcexec.com/safety-security/risk-compliance/news/22887513/arctic-wolf-supply-chains-experience-sharp-rise-in-ransom-demands-study
