The FBI’s 2023 Internet Crime Report (PDF) shows the dramatic growth of the ransomware industry — and details some of the techniques that bad actors use to compromise critical IT systems.
It’s important to note that these statistics are not fully representative of the state of ransomware in the United States. The FBI notes that many infections are not reported to law enforcement; if infections aren’t reported, authorities cannot track them or respond to them.
“… We know they are conservative regarding cybercrime in 2023,” the report notes. “Consider that when the FBI recently infiltrated the Hive ransomware group’s infrastructure, we found that only about 20% of Hive’s victims reported to law enforcement.”
While last year’s statistics should be considered with a grain of salt, the report has some interesting figures:
- Ransomware incidents rose by about 18% from 2022, with over 2,825 complaints reported.
- Reported ransomware losses totaled more than $59.6 million.
- Healthcare organizations were most likely to report ransomware attacks, with 240 reported in 2023.
- 1,193 ransomware complaints were received from organizations belonging to a critical infrastructure sector.
- Of the 16 critical infrastructure sectors, 14 sectors had at least one member that “fell to a ransomware attack” in 2023.
- The top ransomware variants affecting critical infrastructure were Black Basta, Royal, Akira, ALPHV/BlackCat, and Lockbit.
- The FBI noted several “emerging ransomware trends,” which included deployment of multiple ransomware variants against the same victim and the use of data-destruction tactics to pressure victims to negotiate.
The FBI encourages victims to report ransomware attacks.
The Bureau’s Internet Crime Compliance Center (IC3) tracks and responds to cybercrime complaints. That’s not restricted to ransomware, by the way; the IC3 is also responsible for collecting info about personal data breaches, phishing scams, and other types of cybercrime.
But given the growing threat, accurate reportage of ransomware attacks may be especially crucial.
“[Reporting ransomware attacks] provides investigators with the critical information they need to track ransomware attackers, hold them accountable under U.S. law, and prevent future attacks,” the report notes.
The IC3 also notes that the FBI does not recommend paying for ransomware. As we’ve discussed in other articles, paying for ransomware may be illegal in some circumstances — and not particularly effective for data restoration. In many cases, organizations also have a legal responsibility to report ransomware payments to the authorities.
Related: Paying Ransom Doesn’t Restore Data for 25% of Ransomware Victims
Ransomware Data Recovery and Investigation from Datarecovery.com
Encountering a ransomware infection can be daunting. Datarecovery.com is prepared to help. With decades of combined experience in ransomware and ongoing investments in research & development, we offer comprehensive solutions to recover from ransomware infection and protect against future attacks.
To learn more, call 1-800-237-4200 and ask to speak with a ransomware specialist or submit a case online.