Key Takeaways
- In 2023, ransomware attacks increased by 73% year-over-year, affecting over 2,200 organizations worldwide according to the Emsisoft Ransomware Report
- The average ransomware payout in 2023 reached $1.54 million, a 70% increase from 2022 as reported by Sophos State of Ransomware 2023
- 66% of ransomware victims paid the ransom in 2023, up from 46% in 2022 per Sophos survey of 3,000 IT leaders
- Phishing emails increased by 58% in 2023, with 300 million daily attempts reported by APWG
- 36% of all data breaches in 2023 started with phishing per Verizon DBIR 2024
- Average click rate on phishing emails was 12% in simulated tests by Proofpoint 2023
- DDoS attacks surged 200% in 2023 to 9.3 million incidents, per Cloudflare Q4 DDoS Threat Report
- Average DDoS attack duration was 10 hours in 2023, with peaks at 3Tbps, Cloudflare
- Gaming and gambling sectors faced 45% of all DDoS attacks in 2023, Cloudflare data
- Global data breaches exposed 4.37 billion records in 2023, per Surfshark Privacy Risk Report
- Average cost of a data breach hit $4.45 million in 2023, highest ever per IBM Cost of Data Breach Report
- 83% of breaches involved external actors, 10% internal per Verizon DBIR 2024 analyzing 30K incidents
- New malware variants discovered at 450K per day in 2023, AV-TEST Institute
- 5.5 billion malware attacks blocked in 2023 by Cisco, up 10% YoY
- Emotet malware infected 1.7 million systems before takedown resurgence 2023, Sophos
Ransomware attacks surged dramatically in 2023, with more victims paying higher ransoms.
DDoS
- DDoS attacks surged 200% in 2023 to 9.3 million incidents, per Cloudflare Q4 DDoS Threat Report
- Average DDoS attack duration was 10 hours in 2023, with peaks at 3Tbps, Cloudflare
- Gaming and gambling sectors faced 45% of all DDoS attacks in 2023, Cloudflare data
- HTTP DDoS floods accounted for 70% of volumetric attacks in 2023, Akamai State of DDoS 2023
- 1.8 million DDoS attacks mitigated by Google in 2023, up 50% YoY, Google Cloud Security
- Ransom DDoS (RDDoS) demands averaged $50K in 2023, affecting 20% of attacks, Netscout 2H2023 report
- UDP floods were 25% of DDoS attacks in 2023, largest at 2.5Tbps, Cloudflare
- Financial services DDoS up 300% during crypto volatility 2023, Akamai
- 60% of DDoS used amplification techniques like NTP in 2023, Imperva Bad Bot Report
- Ukraine-related DDoS attacks hit 6,000 orgs in 2023, up from 2022, Cloudflare
- Average cost of DDoS attack to business was $53K per hour downtime 2023, Ponemon via A10 Networks
- IoT botnets like Mirai variants powered 40% of DDoS in 2023, Netscout
- Multi-vector DDoS attacks rose to 30% of total in 2023, Akamai data
- Telecom sector absorbed 1.2Tbps DDoS in single attack Oct 2023, Cloudflare
- 94% of orgs experienced DDoS in 2023, up from 70% prior year, Forbes study
- DNS DDoS attacks up 150% to 500K incidents 2023, EfficientIP
- E-commerce DDoS peaked at 5M rps during holidays 2023, Cloudflare
- State-sponsored DDoS targeted elections in 15 countries 2023, Microsoft DST
- SYN flood DDoS variant hit 1.5Tbps average in 2023, Akamai
- 25% of DDoS lasted under 10 minutes but caused max damage 2023, Imperva
- APAC region saw 40% of global DDoS volume in 2023, Netscout
- Ransomware gangs used DDoS as distraction in 15% cases 2023, Cloudflare
- MEMCACHED amplification DDoS reached 1.8Tbps record 2023, Akamai
- Education DDoS up 200% during exam seasons 2023, Cloudflare
- Global DDoS capacity grew to 15.4Tbps in 2023 threat landscape, Netscout
DDoS Interpretation
Data Breaches
- Global data breaches exposed 4.37 billion records in 2023, per Surfshark Privacy Risk Report
- Average cost of a data breach hit $4.45 million in 2023, highest ever per IBM Cost of Data Breach Report
- 83% of breaches involved external actors, 10% internal per Verizon DBIR 2024 analyzing 30K incidents
- MOVEit vulnerability led to 2,700 orgs breached, 60M records in 2023, HHS alert
- US had 3,205 data breaches reported in 2023, Identity Theft Resource Center
- Healthcare breaches cost $10.93M average, highest industry 2023 IBM report
- Stolen credentials caused 19% of breaches in 2023, Verizon DBIR
- 74% of breaches included human element like error or phishing, Verizon 2024
- Change Healthcare breach exposed 1/3 of Americans' data in 2024 from 2023 attack
- Financial sector average breach cost $4.96M in 2023, IBM data
- 16,000 breaches analyzed showed 15% involved ransomware in 2023, Verizon
- Public cloud breaches up 4.5 months detection time to 267 days 2023, IBM
- 540 million personal records exposed in 2,839 US breaches 2023, ITRC
- Magecart attacks breached 100+ e-commerce sites exposing cards 2023, RiskIQ
- Average breach detection took 204 days, containment 73 days in 2023, IBM
- Retail breaches averaged $3.37M cost but fastest response at 55 days 2023, IBM
- 49% of breaches exploited vulnerabilities, median cost $4.88M 2023 Verizon
- Snowflake breaches affected 165 orgs, 100M+ records stolen 2023-24, Mandiant
- Energy sector breaches up 40% costing $4.72M avg 2023 IBM
- 3 billion records compromised globally in first half 2023 alone, Surfshark
- Insider breaches 19% of total, costing $4.88M avg 2023 IBM
- 80% of breaches involved compromised identities 2023, Okta report
- Education breaches exposed 4.5M records avg cost $3.91M 2023 IBM
- Supply chain breaches like SolarWinds affected 18K orgs ongoing from 2020-2023 impacts
- 28% of breaches financial gain motivated 2023 Verizon DBIR
- Pharma breaches cost $4.44M avg, 277 days full lifecycle 2023 IBM
Data Breaches Interpretation
Malware
- New malware variants discovered at 450K per day in 2023, AV-TEST Institute
- 5.5 billion malware attacks blocked in 2023 by Cisco, up 10% YoY
- Emotet malware infected 1.7 million systems before takedown resurgence 2023, Sophos
- Mobile malware samples grew to 12.7 million unique in 2023, Kaspersky
- 389K new ransomware samples detected daily average 2023, Malwarebytes Labs
- 94% of malware uses obfuscation techniques per 2023 SonicWall Cyber Threat Report
- Android malware attacks up 30% to 2.8M apps blocked 2023, Zimperium
- Fileless malware incidents rose 225% in 2023, CrowdStrike 2024 Global Threat Report
- 1 in 10 downloads contained malware in 2023, per Malwarebytes scan data
- Banking trojans like TrickBot evolved to infect 500K endpoints 2023, HP Wolf Security
- IoT malware infections hit 1.5 billion devices attempted 2023, Check Point
- Cryptojacking malware mined $2.5B in crypto via 2023 attacks, SonicWall
- 60% of enterprises hit by malware weekly 2023, Cisco Annual Cybersecurity Report
- Spyware detections up 50% to 1.2M samples 2023, Kaspersky Security Bulletin
- Supply chain malware like 3CX affected 10K orgs 2023, SentinelOne
- MacOS malware up 50% with Atomic Stealer targeting crypto 2023, SentinelLabs
- 2.8 million phishing sites delivered malware in 2023, APWG via Zscaler's data
- RATs (remote access trojans) in 20% of targeted attacks 2023, CrowdStrike
- Linux malware variants tripled to 150K in 2023, Dr.Web
- Wiper malware used in 10 geopolitical attacks destroying 1TB+ data 2023, ESET
- Downloader malware led to 40% secondary infections 2023, Malwarebytes
- 75% of malware evaded initial AV detection in 2023 tests, AV-Comparatives
- Adware affected 1 in 25 downloads, 150M detections 2023 Cisco
- EDR evasion malware rose 60% in enterprises 2023, Elastic Security
Malware Interpretation
Phishing
- Phishing emails increased by 58% in 2023, with 300 million daily attempts reported by APWG
- 36% of all data breaches in 2023 started with phishing per Verizon DBIR 2024
- Average click rate on phishing emails was 12% in simulated tests by Proofpoint 2023
- Spear-phishing attacks rose 20% YoY to 1.2 million incidents in 2023, KnowBe4 report
- 90% of successful breaches involved phishing or social engineering per IBM Cost of Data Breach 2023
- Business email compromise (BEC) via phishing cost $2.9 billion in 2023, FBI IC3
- 84% of organizations faced phishing attempts weekly in 2023, Proofpoint survey of 7,500 orgs
- Phishing success rate dropped to 3.4% in 2023 due to training, but still caused 16% of breaches, Verizon DBIR
- Mobile phishing (smishing) attacks up 400% in 2023, Zscaler's ThreatLabz
- 68% of phishing sites used HTTPS in 2023 to appear legitimate, APWG Q4 report
- Finance sector received 25% of all phishing attacks in 2023, APWG data
- Vishing (voice phishing) incidents rose 31% to 500K in 2023, Group-IB
- 1 in 99 emails was malicious in 2023, per Proofpoint analysis of 2.6T emails
- Phishing accounted for 44% of initial access in 2023 breaches, Verizon DBIR covering 16K incidents
- Average BEC phishing scam stole $120K per incident in 2023, FBI IC3
- 75% of phishing simulations tricked execs in 2023 tests, KnowBe4 benchmarking
- URL phishing decreased 15% but attachment phishing up 10% in 2023, APWG
- Healthcare phishing attacks up 33% in 2023, targeting patient data, Proofpoint
- 22% of orgs reported CEO fraud phishing success in 2023, Verizon DBIR
- Phishing kits sold on dark web averaged $500 each, used in 60% attacks 2023, Group-IB
- Retail phishing peaked during Black Friday 2023 with 2M attacks daily, Zscaler
- 55% of phishing used AI-generated content in late 2023, Proofpoint
- Education sector phishing click rate 15.8%, highest industry 2023, KnowBe4
- 300 billion phishing emails sent annually projected for 2024 from 2023 trends, APWG
- Multi-channel phishing (email+SMS) up 50% in 2023, Proofpoint
- 40% of breaches from stolen credentials via phishing, IBM 2023
Phishing Interpretation
Ransomware
- In 2023, ransomware attacks increased by 73% year-over-year, affecting over 2,200 organizations worldwide according to the Emsisoft Ransomware Report
- The average ransomware payout in 2023 reached $1.54 million, a 70% increase from 2022 as reported by Sophos State of Ransomware 2023
- 66% of ransomware victims paid the ransom in 2023, up from 46% in 2022 per Sophos survey of 3,000 IT leaders
- Healthcare sector saw 148 ransomware attacks in Q1 2024 alone, highest among industries per Emsisoft
- LockBit ransomware group claimed responsibility for 30% of all attacks tracked in 2023 by Chainalysis
- Average recovery time from ransomware attacks was 24 days in 2023, per Sophos, costing organizations $1.82M on average
- 75% of ransomware attacks in manufacturing involved data exfiltration before encryption in 2023, Sophos report
- Ransomware demands averaged $2.73 million in Q1 2024, with median at $1 million per Emsisoft
- Education sector faced 20% of all ransomware incidents in 2023, impacting 500+ schools per FBI IC3 report
- BlackCat/ALPHV ransomware earned $300 million in 2023 before shutdown, per FBI estimates
- 93% of ransomware attacks in 2023 used phishing as initial vector per Coveware Q4 2023 report
- Average downtime from ransomware was 21 days for large enterprises in 2023, Sophos data
- Conti ransomware variant was used in 25% of attacks mid-2023 before splintering, Chainalysis
- Public sector ransomware victims rose 18% in 2023, affecting 300+ entities per Emsisoft annual tally
- Ransom payments hit $1.1 billion in 2023, double from 2022 per Chainalysis Crypto Crime Report
- 40% of ransomware attacks targeted US organizations in 2023, highest globally per Sophos
- Average cost to remediate ransomware excluding ransom was $1.25M in 2023, Coveware
- LockBit 3.0 exploited 15 zero-days in 2023, per Recorded Future
- 62% of mid-sized businesses hit by ransomware in 2023 couldn't recover data without paying, Sophos
- Q1 2024 saw 387 ransomware victims publicly disclosed, up 18% YoY, Emsisoft
- Akira group focused on Windows SMB exploits in 35% of their 2023 attacks, Coveware
- 50% of ransomware groups offered negotiation services in 2023 to reduce payouts, Chainalysis
- Retail sector ransomware incidents up 50% in 2023, impacting holiday sales, Sophos
- Median ransom paid dropped to $300K in Q4 2023 due to law enforcement, Coveware
- 80% of ransomware attacks in 2023 involved RaaS model, per Group-IB Hi-Tech Crime Trends
- Energy sector faced 12 major ransomware attacks in 2023, causing outages, Emsisoft
- Play ransomware leaked data from 400 victims in 2023, highest volume, Chainalysis
- 70% of organizations hit multiple times by ransomware in 2023, Sophos survey
- Average ransomware attack cost SMBs $2.73M including lost revenue in 2023, Sophos
- Royal ransomware used in 10% of attacks Q1 2024, exploiting VPN flaws, Emsisoft
Ransomware Interpretation
Sources & References
- Reference 1EMSISOFTemsisoft.comVisit source
- Reference 2SOPHOSsophos.comVisit source
- Reference 3CHAINALYSISchainalysis.comVisit source
- Reference 4IC3ic3.govVisit source
- Reference 5FBIfbi.govVisit source
- Reference 6COVEWAREcoveware.comVisit source
- Reference 7RECORDEDFUTURErecordedfuture.comVisit source
- Reference 8GROUP-IBgroup-ib.comVisit source
- Reference 9DOCSdocs.apwg.orgVisit source
- Reference 10VERIZONverizon.comVisit source
- Reference 11PROOFPOINTproofpoint.comVisit source
- Reference 12KNOWBE4knowbe4.comVisit source
- Reference 13IBMibm.comVisit source
- Reference 14ZSCALERzscaler.comVisit source
- Reference 15BLOGblog.cloudflare.comVisit source
- Reference 16AKAMAIakamai.comVisit source
- Reference 17CLOUDcloud.google.comVisit source
- Reference 18NETSCOUTnetscout.comVisit source
- Reference 19IMPERVAimperva.comVisit source
- Reference 20A10NETWORKSa10networks.comVisit source
- Reference 21FORBESforbes.comVisit source
- Reference 22EFFICIENTIPefficientip.comVisit source
- Reference 23MICROSOFTmicrosoft.comVisit source
- Reference 24SURFSHARKsurfshark.comVisit source
- Reference 25HHShhs.govVisit source
- Reference 26IDTHEFTCENTERidtheftcenter.orgVisit source
- Reference 27RISKIQriskiq.comVisit source
- Reference 28OKTAokta.comVisit source
- Reference 29CISAcisa.govVisit source
- Reference 30AV-TESTav-test.orgVisit source
- Reference 31CISCOcisco.comVisit source
- Reference 32SECURELISTsecurelist.comVisit source
- Reference 33MALWAREBYTESmalwarebytes.comVisit source
- Reference 34SONICWALLsonicwall.comVisit source
- Reference 35ZIMPERIUMzimperium.comVisit source
- Reference 36CROWDSTRIKEcrowdstrike.comVisit source
- Reference 37THREATRESEARCHthreatresearch.ext.hp.comVisit source
- Reference 38RESEARCHresearch.checkpoint.comVisit source
- Reference 39SENTINELONEsentinelone.comVisit source
- Reference 40NEWSnews.drweb.comVisit source
- Reference 41WELIVESECURITYwelivesecurity.comVisit source
- Reference 42AV-COMPARATIVESav-comparatives.orgVisit source
- Reference 43ELASTICelastic.coVisit source





