RansomwareClock.org

Reported Cost of Ransomware Attacks 2022 YTD

Aggregated Estimate from Public and Private Sources, Reflects Reported Attacks Only. Actual cost estimated to be significantly higher.

2022 has seen dreadful tragedies of all kinds, not the least of which is the unrelenting increase of cyberattacks. We must work together to protect our companies and communities from the financial, operational, and emotional devastation of cybercrime.

Cyber Stats

$1.85m

average cost for remediation, business downtime, lost orders, operational costs, etc. 2X vs year ago. Recovery cost is 10X the size of the ransom payment. Sophos, The State of Ransomware 2021

93%

consider an organization's trustworthiness prior to purchasing. 59% would avoid doing business with a company cyberattacked in the past 12 months. Arcserve 2020 Survey

11 seconds

a new ransomware attack hits this year. Cybersecurity Ventures. (In the time it takes you to read this cyber stat, another business has been hit with a ransomware attack.)

207 days

days is the average time to identify a breach. Meaning the bad guys are in your system for over 6-months. IBM Security Cost of a Data Breach Report 2020.

Only 21%

of security professionals think their current security controls are adequate. Forrester State of Enterprise IoT Security in North America

21 days

days is the average downtime caused by a ransomware attack. Coveware Q4, 2020

Spotlight

CISA

The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 and is a standalone United States federal agency, organized under the Department of Homeland Security (DHS). It exists to...

RECENT ATTACKS & NEWS

November 30, 2022

One Year Later: Log4Shell Remediation Slow, Painful Slog

Almost exactly a year after the Log4Shell security crisis sent defenders scrambling to reduce attack surfaces, new data shows that...

November 30, 2022

Don’t Let Your Career Go the Way of Entertainment 720

In season four of the TV show “Parks and Recreation”, two of the characters founded a company named “Entertainment 720...

November 30, 2022

Investors Bet $31 Million on Sphere for Identity Hygiene Tech

Venture capital investors have invested another $31 million into Sphere Technology Solutions, a New Jersey startup building technology to help...

November 30, 2022

Google Links Exploitation Frameworks to Spanish Spyware Vendor Variston

Google’s Threat Analysis Group (TAG) has linked three exploitation frameworks, as well as several vulnerabilities that were likely used as...

November 30, 2022

Chrome 108 Patches High-Severity Memory Safety Bugs

Google this week announced the release of Chrome 108 in the stable channel with patches for 28 vulnerabilities, including 22...

November 30, 2022

Self-Replicating Malware Used by Chinese Cyberspies Spreads via USB Drives

A China-linked cyberespionage group tracked as UNC4191 has been observed using self-replicating malware on USB drives to infect targets, and...

November 30, 2022

OT:Icefall Continues With Vulnerabilities in Festo, Codesys Products

Forescout Technologies has disclosed the details of three new vulnerabilities identified by its researchers in operational technology (OT) products from...

November 29, 2022

Ransomware Gang Takes Credit for Maple Leaf Foods Hack

The Black Basta ransomware group has taken credit for the recently disclosed attack on Canadian meat giant Maple Leaf Foods....

November 29, 2022

Vulnerability in Acer Laptops Allows Attackers to Disable Secure Boot

A vulnerability impacting multiple Acer laptop models could allow an attacker to disable the Secure Boot feature and bypass security...

November 29, 2022

Cybercriminals Selling Access to Networks Compromised via Recent Fortinet Vulnerability

Security researchers at Cyble have observed initial access brokers (IABs) selling access to enterprise networks likely compromised via a recently...

PREVENTATIVE RESOURCES

Governmental and Law Enforcement

Legal Matters

Insurance Resources

In Case of Cyber Attack Emergency

If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:

Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide
Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.
Report incidents immediately to CISA at https://us-cert.cisa.gov/report, a local FBI Field Office, or U.S. Secret Service Field Office
Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity.

Contact your Local FBI Office - https://www.fbi.gov/contact-us/field-offices

Report a Complaint to the FBI’s Internet Criminal Complaint Center: www.IC3.gov

Technical Expertise/Crisis Communications

RansomwareClock.org

RansomwareClock.org

ALL RIGHTS RESERVED 2022

RansomwareClock.org

ALL RIGHTS RESERVED 2021