Organizations impacted by ransomware attacks increased by more than twofold between 2022 and 2023, as more threat actors resort to data extortion tactics, according to SecurityWeek.
Moreover, the rate of those that fulfilled ransoms demanded by their attackers also increased from 68% to 76% over the same period, which may be due to the increasing prevalence of cyberinsurance, a report from Delinea showed. Such gains in ransomware victimization and payment rates come amid a reduction in cybersecurity spending, which researchers said may have been brought upon by lower ransomware incidence in 2022. Attack motivations by ransomware operations were also noted to have evolved.
Sixty-four percent of surveyed organizations reported being subjected to data exfiltration in 2023, up from 46% in 2022, while those impacted by supply chain attacks increased from 44% to 55% during the same period. On the other hand, traditional money grab attack victims declined from 69% to 34%.