A fall in the number of ransomware in 2022 gave the impression that ransomware attacks were being contained or even controlled. This was a false dawn. 2023 was the third worst year on record for ransom attacks and the worst for payments, which reached over $1 billion, according to Chainalysis. 2024 is on track for a record number of attacks, in part due to intensifying geopolitical tensions.

This report looks in detail at the issue of ransomware, including analysis of the attack landscape, details of the most prolific ransomware gangs, an evaluation of the positive and negative impacts of paying ransoms, and recommendations for businesses, regulators, cyber authorities, and governments.

Key Highlights



You are never too big to be hit by a ransomware attack. Companies that have suffered ransomware attacks include Boeing, Caesars Entertainment, MGM Resorts, Change Healthcare, Royal Mail, Johnson Controls, the UK's National Health Service (NHS), Sony, Capita, and Dish Network. No organization, big or small, is immune from a ransomware attack. What is important is how that organization responds to the attack.

Ransomware gangs are being disrupted by law enforcement takedowns. Law enforcement takedowns against Hive, LockBit, and AlphV have stemmed the tide of attacks. However, the ransomware industry is never static, and new gangs continually emerge to replace those that have been taken down or have become less effective. Gang affiliates are taking a larger slice of ransom payments and are making repeat attacks. Ransomware gangs must now actively compete to attract talent. Ransom payments should not face a blanket ban but should be regulated and licensed. The trend is toward authorities cracking down on ransomware payments. This will drive payments underground, making it more difficult for law enforcement to track and combat ransomware operations, among other negative consequences. Instead, ransom payments should be regulated and licensed to enable more controllable, transparent, and accountable payments.

One in every 10 organizations worldwide was hit by attempted ransomware attacks in 2023. On average, there were 1,158 attacks per organization per week. Ransomware is a major issue for companies of all sizes. This report will help you understand what ransomware is, how it might affect your business, and what you can do about it.

Executive Summary

Recommendations

The Ransomware Attack Landscape

Ransomware Players

The Changing Nature of Attacks

Ransomware Payments Cracking Down on Ransomware Reporting and Payments

