Record-breaking payments were made to crypto-related ransomware attackers in 2023, with the scope and complexity of attacks increasing substantially, according to new research. 

In 2023, victims working in hospitals, schools and major corporations paid out over $1.1bn to cybercriminals.

The amount of money paid out by victims in 2023 was double that of 2022, which totalled $567m, according to a new report from crypto and blockchain data platform Chainalysis.

Ransomware is a type of malware attack which encrypts files on a device, rendering them and the systems that rely on them unusable.

This type of attack gets its name as the assailant usually asks the victim for a ransom in exchange for decryption.

Ransomware has been used in several high-profile attacks and is the most concerning type of cyberattack for business leaders, according to research and analysis company GlobalData. A ransomware attack can cause a significant loss of revenue and can paralyse an organisation.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

In 2023, attackers infiltrated the widely used file transfer software MOVEit to carry out a ransomware attack on global governments, individuals and major corporations including Shell and British Airways.

In February 2023, US chipmaking equipment supplier MKS Instruments was affected by a ransomware attack that cost over $200m in lost and delayed sales.

David Bicknell, principal analyst at research company GlobalData, told Verdict that resilience is critical for organisations impacted by ransomware.

“Many ransomware attacks are now targeting company back-ups and backup repositories were affected by ransomware attacks,” Bickenell said.

“It is important that organisations are able to develop and maintain resilient backup strategies. It’s often been said that successful recovery from a cyberattack is a matter of planning and execution, not of chance or negotiation,” he added.

The amount paid out to crypto-related ransomware attacks in 2022 almost halved from 2021, which totalled $983m in victim payouts. 

A decrease in ransomware activities 2022 is likely due to geopolitical events like the Russia-Ukraine conflict, Chainalysis states. 

“This conflict not only disrupted the operations of some cyber actors but also shifted their focus from financial gain to politically motivated cyberattacks aimed at espionage and destruction,” Chainalysis said in its report.

Higher risk for ransomware attacks in 2024

In December, the UK government stated that Britain was at high risk of a “catastrophic” ransomware attack that could cost tens of billions of pounds and shut down critical infrastructure.

According to GlobalData’s Tech, Media, & Telecom Predictions 2024 report, company employees will face a greater risk of spear-phishing attacks in 2024 aimed at gaining access to an organisation’s systems through AI-powered social engineering. 

GlobalData stated that the widespread availability of generative AI tools, such as OpenAI’s ChatGPT, enhances the sophistication and personalised nature of attacks from bad actors.

According to Cybersecurity Ventures, global cybercrime will reach $10.5trn annually by 2025. Tackling this issue requires investment, and GlobalData forecasts that cybersecurity revenues will reach $344bn worldwide by 2030.