Ransomware payments surpassed $1 billion in 2023, marking a record peak following a decrease in 2022, according to the latest chapter of Chainalysis’ 2024 Crypto Crime Report.
A form of malicious software that infiltrates computer networks, ransomware can range from simply restricting system access without damaging victims’ files, or in most cases, involves encrypting files and demanding payment in exchange for the decryption keys.
According to the report, these attacks in 2023 were perpetrated by a diverse array of actors, including large syndicates, smaller groups and individuals and experts say that their numbers are on the rise.
The study added that despite the drop in payment volume in 2022, the overall trend from 2019 to 2023 suggests that ransomware remains a growing concern.
As Hanah-Marie Darley, head of threat research at the U.K.-based cybersecurity firm Darktrace, told PYMNTS last year, “We are unlikely to see ransomware go away anytime soon and attackers will pivot to new methods of financial gain.”
Moreover, its impact is felt across all sectors. PYMNTS recently reported that “at least” 60 credit unions (CUs) were rendered inoperable by ransomware attacks towards the end of 2023, resulting in a major disruption that prevented about 100,000 CU members from accessing their digital accounts for three weeks beginning in late November.
In January of last year, fast-food company Yum Brands disclosed that 300 restaurant branches in the U.K. had been forced to close for 24 hours due to a ransomware attack that disrupted its IT systems. Although the company acknowledged that data was breached, it reassured that no customer information had been compromised.
And in November, the Industrial and Commercial Bank of China (ICBC), China’s largest lender, disconnected itself from an electronic settlement platform for the U.S. Treasury securities operated by BNY Mellon after a ransomware attack disrupted some of its systems.
2023 also a series of major ransomware attacks on European firms, with criminal organizations targeting the British postal system, the French justice department, and the German pension manager Heubeck AG, among others.
The healthcare sector is also facing an increasing onslaught of ransomware attacks. According to the Institute for Security and Technology, nearly 300 hospitals were victims of ransomware attacks in 2023, putting thousands of patients at risk.
In November, for instance, Ardent Health Services, a healthcare chain managing 30 hospitals across six states, was compelled to redirect patients from select emergency rooms to alternative hospitals and delay certain elective procedures due to a ransomware attack.
Following the cyberattack on Nov. 23, Ardent opted to shut down its network, explaining in a statement it had halted user access to information technology applications, including software used for documenting patient care.
And more recently, Chicago’s largest children’s hospital, Ann & Robert H. Lurie Children’s, is now in its second week of limited service as it endeavors to recover from what is believed to be a ransomware attack.
The confirmed attack forced the hospital to shut down its network systems on Jan. 31, impacting phones, email and electronic health systems as well as access to MyChart, a patient family portal. Consequently, parents have been struggling to seek care for their children or contact healthcare professionals ever since.
The growing frequency and sophistication of these attacks underscores the need to enhance security systems, as highlighted in a recent report by PYMNTS Intelligence.
As per the research, the share of financial institutions (FIs) employing artificial intelligence (AI) and machine learning (ML) technologies to tackle fraud and financial crimes has surged from around 34% to 70% between 2022 and 2023 — an uptick which reflects the adoption of advanced technologies to address increasingly sophisticated attacks.
The encouraging news is that FIs embracing these technologies are witnessing positive outcomes. The report highlights that those employing AI or ML are “likelier to experience a decrease in the overall fraud rate and less likely to see an increase in the overall fraud rate.”
For hospitals yet to explore these technologies, considering the implementation of AI and ML could prove beneficial in mitigating these fraudulent activities.