Local: (805)-371-3680 | Toll Free: (800) 240-CHIV
Ransomware activity is surging in 2023, with third-party vendor risk becoming organizations’ top point of failure.
Cyber insurance provider Resilience’s mid-year claims report showed that ransomware notifications increased 1,110% in Q2 2023 vs. Q2 2022.
Among the key findings:
- Cybercriminals are returning to “big-game hunting.” Attackers are again focusing on larger organizations with sensitive data since they can pay more considerable ransom demands. Two recent examples are MGM Resorts and Caesars Entertainment.
- Third-party vendor cyber risk has overtaken phishing attacks as the leading point of failure in cybersecurity.
- Resilience is seeing more encryption-less data exfiltration attacks where criminals threaten to publish sensitive material unless firms pay the ransom.
What they’re saying: “Ransomware remains a top concern for our clients, with data from firms like Chainalysis showing 2023 is on track to be one of the most active years on record,” said Vishaal Hariprasad, CEO and co-founder of Resilience, in a statement. “However, ransomware risk can be mitigated to the point that victims can choose not to pay a ransom.”
Good news: Fewer organizations are paying ransom demands.
According to the report, just 15% of Resilience clients paid a ransom to resolve a cyber incident in the first half of 2023. That’s down from 21.4% in 2022. And well below the 39.5% payment rate tracked by Coveware, a cyber extortion response firm.
The bottom line: Ransomware is on track to be one of the most active years on record.
Organizations need to take steps to mitigate their risk, including securing their supply chain and having a robust incident response plan.
Go Deeper: Read the Resilience Midyear 2023 Claims Report here.
