There's some possibly good news on the ransomware front.
Companies are becoming more resilient to attacks, and the ransom payments extorted from businesses by hackers are on a downward trend.
That's one of the findings of insurance broker Marsh, which conducted an analysis of the more than 1800 cyber claims it received during 2023 from its clients in the United States and Canada.
According to Marsh, ransomware attacks were linked to less than 20% of all claims made to the firm during the last year. Instead, claims were often driven by other factors. These factors include the "increased sophistication of cyberattacks; the MOVEit event, highlighting supply chain vulnerabilities; and privacy claims."
Furthermore, in 2023, less than one quarter (23%) of all companies submitting claims had paid ransom demands, a decline from previous years.
The supposition is that executives are becoming more sophisticated in mitigating the impact of a ransomware attack and that their companies have better resiliency measures in place.
The result of this improved mitigation? Businesses are less likely to find themselves utterly paralysed by a ransomware attack and may be able to continue operating - even if at reduced capacity.
And, as Marsh explains, greater resilience can inevitably directly impact a company's decision on whether it should pay its extortionists a ransom or not.
Of course, that's not to say that ransomware doesn't remain a top concern for insurers and their clients. Indeed, the potentially significant financial impact, harm to a company's reputation and market share, and the risk of litigation and regulatory scrutiny in the long term means that it remains a threat that must be taken seriously.
According to Marsh's report, the median ransom demand soared upwards to a record US $20 million from a previous figure of $1.4 million last year. A sign that ransomware attackers are getting more greedy? Or perhaps, more desperate?
Corporations globally have reportedly paid US$ 1.1 billion in ransomware payments. This figure may surprise some, considering that many attackers are located in Russia, which might be considered to present difficult legal challenges for companies due to financial sanctions.
The headline news, though, is that more extorted companies are declining to pay their ransomware attackers.
And that has to be good news for all of us.
The less cybercriminals believe they are likely to succeed in extorting a ransom, the more likely it is that they will divert their illegal activities in a different direction.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.
