RansomwareClock.org

Reported Cost of Ransomware Attacks 2023 YTD

Aggregated Estimate from Public and Private Sources, Reflects Reported Attacks Only. Actual cost estimated to be significantly higher.

2023 has seen dreadful tragedies of all kinds, not the least of which is the unrelenting increase of cyberattacks. We must work together to protect our companies and communities from the financial, operational, and emotional devastation of cybercrime.

Cyber Stats

$1.85m

average cost for remediation, business downtime, lost orders, operational costs, etc. 2X vs year ago. Recovery cost is 10X the size of the ransom payment. Sophos, The State of Ransomware 2021

93%

consider an organization's trustworthiness prior to purchasing. 59% would avoid doing business with a company cyberattacked in the past 12 months. Arcserve 2020 Survey

11 seconds

a new ransomware attack hits this year. Cybersecurity Ventures. (In the time it takes you to read this cyber stat, another business has been hit with a ransomware attack.)

207 days

days is the average time to identify a breach. Meaning the bad guys are in your system for over 6-months. IBM Security Cost of a Data Breach Report 2020.

Only 21%

of security professionals think their current security controls are adequate. Forrester State of Enterprise IoT Security in North America

21 days

days is the average downtime caused by a ransomware attack. Coveware Q4, 2020

Spotlight

CISA

The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 and is a standalone United States federal agency, organized under the Department of Homeland Security (DHS). It exists to...

RECENT ATTACKS & NEWS

May 27, 2023

Industrial Giant ABB Confirms Ransomware Attack, Data Theft

Industrial giant ABB has confirmed that it has been targeted in a ransomware attack, with the cybercriminals stealing some data....

May 26, 2023

Phishing Domains Tanked After Meta Sued Freenom

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit...

May 26, 2023

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-2 868...

May 26, 2023

Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation

The recently identified Buhti operation uses LockBit and Babuk ransomware variants to target Linux and Windows systems. The post Organizations...

May 26, 2023

Google Cloud Users Can Now Automate TLS Certificate Lifecycle

Google makes ACME API available to all Google Cloud users to allow them to automatically acquire and renew TLS certificates...

May 26, 2023

Zyxel Firewalls Hacked by Mirai Botnet

A Mirai botnet has been exploiting a recently patched vulnerability tracked as CVE-2023-28771 to hack many Zyxel firewalls. The post...

May 26, 2023

NCC Group Releases Open Source Tools for Developers, Pentesters

NCC Group announces new open source tools for finding hardcoded credentials and for distributing cloud workloads. The post NCC Group...

May 25, 2023

Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation

Website impersonation detection and prevention company Memcyco raises $10 million in seed funding. The post Memcyco Raises $10 Million in...

May 25, 2023

New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grid

Mandiant has analyzed a new Russia-linked ICS malware named CosmicEnergy that is designed to cause electric power disruption. The post...

May 25, 2023

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Regardless of the use case your security organization is focused on, you’ll likely waste time and resources and make poor...

PREVENTATIVE RESOURCES

Governmental and Law Enforcement

Legal Matters

Insurance Resources

In Case of Cyber Attack Emergency

If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:

Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide
Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.
Report incidents immediately to CISA at https://us-cert.cisa.gov/report, a local FBI Field Office, or U.S. Secret Service Field Office
Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity.

Contact your Local FBI Office - https://www.fbi.gov/contact-us/field-offices

Report a Complaint to the FBI’s Internet Criminal Complaint Center: www.IC3.gov

Technical Expertise/Crisis Communications

RansomwareClock.org

RansomwareClock.org

ALL RIGHTS RESERVED 2022

RansomwareClock.org

ALL RIGHTS RESERVED 2021