Ransomware payments surpass $1 billion in 2023, report finds


The rate and scale of ransomware attacks have increased significantly over the past few years, with ransom payments surpassing $1 billion for the first time ever in 2023, according to a new report released Wednesday by the Ransomware Task Force (RTF).

The 36-page April 2024 progress report "Doubling Down" highlights the ongoing threat of ransomware despite concerted efforts by government agencies, civil society, the technical community, and the private sector to combat it.

The Institute for Security and Technology (IST), a California-based think tank behind the Ransomware Task Force report, reviews the recommendations it made in a 2021 RTF report "Combating Ransomware: A Comprehensive Framework for Action," noting that while some progress has been made, major challenges remain.


In fact, of the 48 original recommendations laid out in the 2021 report, only half (24) have seen significant action, another 20 are in preliminary phases, and four remain unaddressed, the RTF stated.

The Institute is calling for a “doubling down” on efforts to implement the remaining recommendations, particularly those requiring legislative action from the US government.

“While governments deserve praise for the mechanisms they have put in place, our assessment is that the United States is not using them to their full extent,” the report stated.

Using the hashtag “#24in24,” the IST announced a special event being held Wednesday in conjunction with the newly released report on X.

The event – with five discussion panels, three keynotes, and two fireside chats scheduled among 42 experts from across the ransomware ecosystem – is expected to zero in on those leftover 24 recommendations and how to redouble efforts to deter ransomware attacks through a nationally and internationally coordinated comprehensive strategy.


The event, like the report, will also cover topics such as how to disrupt the ransomware business model and reduce criminal profits, help organizations prepare for ransomware attacks, and respond to ransomware attacks more effectively.

2023 key ransomware statistics

According to the latest statistics gathered in the RTF report, there was a 37% increase in ransomware attacks on critical infrastructure reported to the FBI from 2022 to 2023.

During that same time period, the number of overall ransomware attacks increased roughly 18%, costing victims over $1 billion in crypto payments, the RTF found.

Stats by Google showed that in 2023, just four ransomware groups were responsible for exploiting six zero-day vulnerabilities, including the "MOVEit and GoAnywhere file-transfer services, Citrix networking products, and PaperCut print management software" hacks, which spawned hundreds of victims for each.

And, when it came to the financial sector, security software firm Sophos reported that 25% of the attacks included both data encryption and data exfiltration.


Areas still needing action, according to the RTF, include harmonizing incident reporting mechanisms, which include “streamlining incident reporting to lessen the burden on victims,” expanding international collaboration through information sharing, and increasing deterrence and disruption efforts.

The RTF would also like to see governments take concrete steps to make ransomware less profitable by reining in ransom payments and fostering public and private partnerships with law enforcement and US government cyber agencies, such as the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA). Committing more financial resources for preparation and response is also recommended.

The think tank believes that disrupting ransomware at scale through the implementation of these recommendations will require intensified efforts from all stakeholders: governments, civil society, and industry.


The RTF is also stressing the need for increased government transparency in addressing ransomware, especially considering the nation’s high vulnerability, national security concerns, economic losses, and disruption of critical services.