Almost 65% of financial organisations worldwide reported experiencing a ransomware attack in 2023, according to data by Stocklytics.com. Data also revealed that ransomware made up about two-thirds of all reported cyberattacks.
Financial sector attacked
Sophos's State of Ransomware in Financial Services 2023 survey revealed that nearly 65% of financial organisations reported experiencing ransomware in 2023, increasing to 55% in 2022 and almost doubling to 34% in 2021. The sector also reported the highest encryption level in the last three years, rising to 81% in 2023 from 54% in 2022.
Emerging technologies, the prominence of ransomware marketplaces, and the accessibility of malware kits make the financial industry one of the most targeted sectors.
Ransom 8x more than in 2022
In 2023, the primary causes of ransomware attacks in the financial sector were exploited vulnerabilities (40%), compromised credentials (23%), and phishing (33%). The survey revealed that the average payment amount skyrocketed in 2023, when 43% of financial services organisations paid the ransom to recover their encrypted data, decreasing from 52% in 2022.
Moreover, the number of organisations paying higher ransoms has increased. In 2023, 40% of financial sector organisations paid one million dollars or more, logging an eight-times increase compared to 2022. Organisations that paid less than $100,000 remained unchanged at around 40%.