Reported Cost of Ransomware Attacks 2023 YTD


Aggregated Estimate from Public and Private Sources, Reflects Reported Attacks Only. Actual cost estimated to be significantly higher.

2023 has seen dreadful tragedies of all kinds, not the least of which is the unrelenting increase of cyberattacks. We must work together to protect our companies and communities from the financial, operational, and emotional devastation of cybercrime.

Cyber Stats


average cost for remediation, business downtime, lost orders, operational costs, etc. 2X vs year ago. Recovery cost is 10X the size of the ransom payment. Sophos, The State of Ransomware 2021


consider an organization's trustworthiness prior to purchasing. 59% would avoid doing business with a company cyberattacked in the past 12 months. Arcserve 2020 Survey

11 seconds

a new ransomware attack hits this year. Cybersecurity Ventures. (In the time it takes you to read this cyber stat, another business has been hit with a ransomware attack.)

207 days

days is the average time to identify a breach. Meaning the bad guys are in your system for over 6-months. IBM Security Cost of a Data Breach Report 2020.

Only 21%

of security professionals think their current security controls are adequate. Forrester State of Enterprise IoT Security in North America

21 days

days is the average downtime caused by a ransomware attack. Coveware Q4, 2020


Read More


The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 and is a standalone United States federal agency, organized under the Department of Homeland Security (DHS). It exists to...


May 27, 2023

Industrial Giant ABB Confirms Ransomware Attack, Data Theft

Industrial giant ABB has confirmed that it has been targeted in a ransomware attack, with the cybercriminals stealing some data....

Read More

May 26, 2023

Phishing Domains Tanked After Meta Sued Freenom

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit...

Read More

May 26, 2023

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-2 868...

Read More

May 26, 2023

Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation

The recently identified Buhti operation uses LockBit and Babuk ransomware variants to target Linux and Windows systems. The post Organizations...

Read More

May 26, 2023

Google Cloud Users Can Now Automate TLS Certificate Lifecycle

Google makes ACME API available to all Google Cloud users to allow them to automatically acquire and renew TLS certificates...

Read More

May 26, 2023

Zyxel Firewalls Hacked by Mirai Botnet

A Mirai botnet has been exploiting a recently patched vulnerability tracked as CVE-2023-28771 to hack many Zyxel firewalls. The post...

Read More

May 26, 2023

NCC Group Releases Open Source Tools for Developers, Pentesters

NCC Group announces new open source tools for finding hardcoded credentials and for distributing cloud workloads. The post NCC Group...

Read More

May 25, 2023

Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation

Website impersonation detection and prevention company Memcyco raises $10 million in seed funding. The post Memcyco Raises $10 Million in...

Read More

May 25, 2023

New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grid

Mandiant has analyzed a new Russia-linked ICS malware named CosmicEnergy that is designed to cause electric power disruption. The post...

Read More

May 25, 2023

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Regardless of the use case your security organization is focused on, you’ll likely waste time and resources and make poor...

Read More

In Case of Cyber Attack Emergency

If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:

Contact your Local FBI Office - https://www.fbi.gov/contact-us/field-offices

Report a Complaint to the FBI’s Internet Criminal Complaint Center: www.IC3.gov

Technical Expertise/Crisis Communications