Ransomware Is About to Get Worse. Much Worse.
Ransomware attacks are once again a prominent issue in the cybersecurity landscape. According to the 2024 Global Cyber Confidence Index, a survey conducted on behalf of ExtraHop, 91% of security and IT decision-makers admitted to making at least one ransom payment in 2023, an increase from 83% in 2022.
Simultaneously, the percentage of organizations refusing to make ransom payments has significantly dropped from 28% in 2022 to 17% in 2023, and then further down to 8% in 2024.
Based on these statistics, it might be tempting to conclude that organizations are ill-prepared for ransomware attacks and lack the operational resilience to recover without paying the ransom. Otherwise, why would organizations quickly transfer multi-million-dollar payments to known cybercriminals?
The rise in ransom payments and the decline in refusals to pay are influenced not only by preparedness but also by changes in ransomware business models, attack outcomes, and regulations.
Many organizations see paying the ransom as a financial decision, as the cost of the ransom may be lower than the fines they would face when regulators uncover the breach. Ransomware actors often threaten to leak organizations' data or expose the breach to regulators, essentially using the ransom payment as hush money to keep the incident under wraps.
Notably, the size of ransomware payments has been substantial. For instance, UnitedHealthcare reportedly paid the BlackCat ransomware gang $22 million, which is $3 million less than the $25 million minimum GDPR fine. Although most ransomware payments range from one to five million dollars, the average payment from the 2024 Global Cyber Confidence Index was $2.5 million.
Despite the increasing acceptance of ransom payments, which runs contrary to the White House's warnings, there is no guarantee that companies paying the ransom will avoid regulatory consequences or retrieve their data intact without it ending up on the dark web. Additionally, research has indicated that organizations that pay the ransom once are likely to be targeted again.
The current state of ransomware attacks is concerning, and experts in cybersecurity and cyberwarfare foresee further intensification as 2024 progresses, especially with the approaching US general election and escalating global geopolitical tensions.
Global Cyber Confidence Index 2024
ExtraHop surveyed over 1,100 cybersecurity and IT leaders worldwide to evaluate their confidence in managing cyber risk. The survey covered topics such as evaluating cyber risk, cybersecurity budgets, and ransomware. It provides an opportunity to compare your organization's capabilities with others in the industry.