A recent report from the cyber insurance provider Coalition indicates a significant rise in the costs associated with ransomware attacks in 2024. The average ransom demand has now reached an alarming $1.3 million, with certain variants such as Play and BlackSuit requesting as much as $4.3 million for decryption. In the first half of 2024 alone, the severity of ransomware incidents surged by 68% compared to the previous six months. However, the average loss incurred after negotiations decreased to $353,000, which is a 12% drop from the average loss of $401,766 during the same period in 2023.
Despite the rising costs and increased severity of attacks, the overall frequency of ransomware incidents has decreased by 10%, with one in 280 insured businesses being affected. This decline is particularly noteworthy against the backdrop of a 34% increase in ransomware incidents reported in Canada. The report highlights that while ransomware frequency remains stable in the United States, the Canadian landscape is witnessing a troubling uptick, indicating that businesses must remain vigilant regardless of their location.
The report also points out that ransomware attacks are often seasonal, with predictable spikes during winter holidays and drops in the summer months. This pattern suggests that threat actors may be strategically timing their attacks to exploit periods when businesses are less responsive. Additionally, the report identifies business email compromise as a leading cyber event, accounting for nearly a third of all claims, alongside other significant disruptions affecting various industries.
In response to the evolving threat landscape, Coalition recommends that businesses adopt robust security measures such as enforcing multi-factor authentication for all VPN users and ensuring that systems are running the latest firmware. The report emphasizes that exposed login panels have more than tripled the likelihood of experiencing a claim, underlining the importance of safeguarding against known vulnerabilities and adopting proactive cybersecurity practices to mitigate risks. As the costs of ransomware continue to rise, organizations must prioritize their cybersecurity strategies to protect against these increasingly sophisticated threats.
