Reported Cost of Ransomware Attacks 2024 YTD


Aggregated Estimate from Public and Private Sources, Reflects Reported Attacks Only. Actual cost estimated to be significantly higher.

The forecast for cybercrime in 2024 is harsh with attacks increasing in frequency, sophistication, and severity. We must work together to protect our companies and communities from the financial, operational, and emotional trauma of cyber-attacks.

Cyber Stats


average cost for remediation, business downtime, lost orders, operational costs, etc. 2X vs year ago. Recovery cost is 10X the size of the ransom payment. Sophos, The State of Ransomware 2021


consider an organization's trustworthiness prior to purchasing. 59% would avoid doing business with a company cyberattacked in the past 12 months. Arcserve 2020 Survey

11 seconds

a new ransomware attack hits this year. Cybersecurity Ventures. (In the time it takes you to read this cyber stat, another business has been hit with a ransomware attack.)

207 days

days is the average time to identify a breach. Meaning the bad guys are in your system for over 6-months. IBM Security Cost of a Data Breach Report 2020.

Only 21%

of security professionals think their current security controls are adequate. Forrester State of Enterprise IoT Security in North America

21 days

days is the average downtime caused by a ransomware attack. Coveware Q4, 2020


Read More


The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 and is a standalone United States federal agency, organized under the Department of Homeland Security (DHS). It exists to...


February 26, 2024

FBI’s Lockbit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.

The FBI’s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen...

Read More

February 24, 2024

White House Wades Into Debate on ‘Open’ Versus ‘Closed’ Artificial Intelligence Systems

The White House is seeking public comment on the risks and benefits of having an AI system’s key components publicly...

Read More

February 23, 2024

Toward Better Patching — A New Approach with a Dose of AI

Use of AI to cut through the noise and confusion of the current vulnerability prioritization approaches suggests an exciting future...

Read More

February 23, 2024

Apple Shortcuts Vulnerability Exposes Sensitive Information

High-severity vulnerability in Apple Shortcuts could lead to sensitive information leak without user’s knowledge. The post Apple Shortcuts Vulnerability Exposes...

Read More

February 23, 2024

In Other News: Spyware Vendor Shutdown, Freenom-Meta Settlement, 232 Threat Groups

Noteworthy stories that might have slipped under the radar: Spyware vendor Varonis is shutting down, Crowdstrike tracks 232 threat actors,...

Read More

February 23, 2024

‘SlashAndGrab’ ScreenConnect Vulnerability Widely Exploited for Malware Delivery

ConnectWise ScreenConnect vulnerability tracked as CVE-2024-1709 and SlashAndGrab exploited to deliver ransomware and other malware. The post ‘SlashAndGrab’ ScreenConnect Vulnerability...

Read More

February 23, 2024

Updated: Top Cyber Actions for Securing Water Systems

Today, CISA, the Environmental Protection Agency (EPA), and the Federal Bureau of Investigation (FBI) updated the joint fact sheet Top...

Read More

February 23, 2024

230k Individuals Impacted by Data Breach at Australian Telco Tangerine

Tangerine Telecom says attackers stole the personal information of 230,000 individuals from a legacy customer database. The post 230k Individuals...

Read More

February 23, 2024

AT&T Says the Outage to Its US Cellphone Network Was Not Caused by a Cyberattack

AT&T said the hourslong outage to its U.S. cellphone network Thursday appeared to be the result of a technical error,...

Read More

February 23, 2024

Microsoft Releases Red Teaming Tool for Generative AI

Microsoft releases PyRIT red teaming tool to help identify risks in generative AI through automation. The post Microsoft Releases Red...

Read More

In Case of Cyber Attack Emergency

If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:

Contact your Local FBI Office - https://www.fbi.gov/contact-us/field-offices

Report a Complaint to the FBI’s Internet Criminal Complaint Center: www.IC3.gov

Technical Expertise/Crisis Communications