There is a surge in large-scale hacking attacks with widespread destructive effects. After a lull in 2022, ransomware attacks against high-value targets such as large companies, banks, hospitals or government agencies have seen a "significant rise" this year, with a 51% increase as of the end of November, according to data from cybersecurity firm Crowdstrike Holdings Inc. The company said there were fewer such attacks last year than the year before.


And these vulnerabilities cause more losses to victims. According to blockchain analysis company Chainalysis Inc. According to data, by September, ransom payments to hackers holding systems "hostage" had increased by nearly half, totaling nearly $500 million.

"Cyber ​​activity is at an all-time high," said Nikesh Arora, CEO of cybersecurity firm Palo Alto Networks. In a recent conference call with investors, Arora specifically noted that ransomware attacks are increasing in frequency and severity. "Bad actors cause damage in a shorter period of time," he said.

Just in the past few months, hackers have crippled shipping at some of Australia's largest ports, wreaked havoc on Las Vegas casinos, caused a shortage of Clorox disinfectant wipes and garbage bags and disrupted the clearing of some Treasury market trades.

A report released last month by Orange Cyberdefense, the cybersecurity arm of French telecommunications service provider Orange SA, showed that the number of victims of cyber extortion (including ransomware) in the first three quarters of 2023 was already 33% higher than the whole of last year. Of the approximately 2,900 new victims known, most are concentrated in the United States, United Kingdom and Canada, with increasing numbers also occurring in India, the Pacific Islands and Africa, the report said. This year marks the highest number of victims on record in Orange County.

The surge in attack activity is even more dramatic after measures were taken to slow down ransomware attacks last year.

These high-profile data breaches reflect how easy it is now to launch an attack and how huge profits can be made from it. An almost endless supply of potential victims has fueled an increase in criminal activity, with the aim of indiscriminately exploiting as many targets as possible. Experts say the odds of a hacker successfully getting paid are directly proportional to the amount of damage they wreak on a victim's computer system.

This problem is difficult for law enforcement to control. One reason is that many victims, desperate to recover their data or keep it off the dark web, or both, end up paying the ransom, which fuels further attacks. Another reason is the size and global nature of the industry, as many hackers are based in countries that offer them safe havens.

Bill Siegel, CEO of ransomware incident response company Coveware, said increased awareness has prompted many organizations to invest in backup infrastructure that can be activated during emergency and cyber incident response training, allowing them to negotiate lower payments with hackers or avoid payments altogether.

Siegel said the total amount paid to cyberextortioners has actually dropped 20% this year. However, when victims pay, the average amount is increasing, reaching $851,000 in the third quarter of this year, according to Coveware.