Delinea recently published its annual “State of Ransomware” report which shows that ransomware attacks are increasing again and reveals a change in strategy among cybercriminals. The familiar tactics of crippling a company and holding it hostage have been replaced by new strategies that use stealth to exfiltrate private and sensitive data. Cybercriminals then frequently threaten to sell it to the highest bidder on the darknet or leverage it to reap a handsome cyber insurance payment.

The report analyzed data from a Censuswide survey of more than 300 U.S. IT and Security decision-makers to identify significant changes compared to data from the previous year’s report and uncover new possible trends. First and foremost, ransomware is back on the rise. Although not back at the levels of 2021, the number of organizations claiming to have been a victim of ransomware in the past 12 months more than doubled since last year, from 25% to 53%. Mid-sized companies appeared to be in cybercriminals’ crosshairs the most, with 65% stating they’ve been a ransomware victim over the past 12 months.

Key report highlights

  • Organizations are paying ransoms more frequently, up to 76% from 68% the prior year.
  • There are emerging trends in motivations, strategies and tactics for ransomware attacks. Data exfiltration has become a preferred goal for the attackers, registering an increase of 39% (reported by 64% of respondents, up from 46%). This trend is also evidenced by the downturn of traditional money grabs as the main motivation (34%, down from 69% the year before).
  • Cyber criminals are modifying their tactics, moving away from using email as a preferred attack vector (down from 52% to 37%), now targeting cloud (44%) and compromised applications (39%) instead. 
  • 91% indicated that they have specific budget allocations for ransomware, up from 68% in 2022, but only 61% (down from 76%) said security budgets were allocated following an attack.