The 2023 State of Ransomware Report
An annual study of the real-world ransomware experiences of IT/cybersecurity leaders makes clear the realities facing organizations in 2023
About the Sophos Survey
Root Causes of Ransomware Attacks
Survey respondents reported that an exploited vulnerability was the most common root cause of ransomware attacks (36%), followed by compromised credentials (29%). These findings align almost exactly with Sophos’ latest retrospective analysis of 152 attacks that their Incident Response and Managed Detection and Response (MDR) teams were brought in to remediate, where 37% started with an exploited vulnerability and 30% with compromised credentials.
Emails were the root cause of 30% (with rounding) of attacks: 18% started with a malicious email and 13% with phishing. Approximately 3% began with a brute force attack and just 1% with a download.
Data Theft
In 30% of ransomware attacks where data was encrypted, that data was also stolen. This “double dip” approach by adversaries is becoming increasingly commonplace as they look to increase their ability to monetize attacks. The threat of making stolen data public can be used to extort payments and the data can also be sold. The high frequency of data theft increases the importance of stopping attacks as early as possible before information can be exfiltrated.
2023 Ransomware Stats
- The average ransom payment was $1,542,333
- 40% of payments were over $1 million or more (compared to 11% in 2022)
- 30% of ransomware attacks where data was encrypted reported that data was also stolen
- 66% of organizations were hit by ransomware
- The average time to recover from ransom attacks is about one month
The full 2023 State of Ransomware report can be found here
EverChain maintains its SOC2 Type 2 compliance year after year. Read more about our compliance approach here or chat with one of our dynamic business development team members via email. Schedule a free consultation here.
Related Posts
The Evolving Role of Chatbots in Consumer Finance Many industries have undergone a significant transformation [...]
Guide to Joining EverChain's Elite Collection Agency Network EverChain creates profitable partnerships specifically for the [...]