A report from security firm Emsisoft reveals a significant surge in ransomware attacks in the United States, comparing data from 2022 to 2023. The number of confirmed, successful attacks increased from 220 to 321 during this period. Notably, victims included 60% more hospital systems, 82% more K-12 school districts, and 48% more post-secondary schools. While the number of known government victims decreased by 11%, the overall impact indicates a worsening trend in ransomware damage, causing disruption across various sectors.
In 2023, a total of 46 hospital groups and 48 school district victims were affected, comprising 141 hospitals and 1,899 schools, respectively. The report does not include the massive MOVEit campaign in May, where the Clop ransomware group targeted users of secure file-transfer software, affecting over 2,700 organizations and exposing personal information for 93 million individuals.
The rising ransomware threat is exacerbated by incomplete reporting, as not all victims publicly disclose attacks. Some victims use obfuscating language, referring to incidents as “encryption events,” complicating efforts to comprehensively track and address this type of cybercrime.
The statistics underscore the urgent need for enhanced cybersecurity measures, especially in critical sectors such as healthcare and education, where attacks have seen a concerning increase. The impact of ransomware extends beyond the immediate disruption, as victims often face the dilemma of paying ransoms or dealing with the potential exposure of sensitive information. The report highlights the severity of the ransomware threat, emphasizing the importance of robust cybersecurity practices, threat intelligence, and incident response capabilities to protect organizations and individuals from these malicious attacks.
