More numerous, more sophisticated and more expensive: ransomware attacks targeting businesses recorded a sharp increase in 2023, after a lull in 2022, according to several studies published in February.
“It is one of the main threats”
in terms of cybersecurity in the world, notes to AFP Todd Carroll, author of the annual report of the French cybersecurity start-up Cybelangel, which reports a jump in 40% of ransom demands.
And
“we are still far from having reached the peak
,” he warns.
To discover
PODCAST - Listen to the latest episode of our Tech Questions series
Ransomware, or
“ransomware,”
exploits security vulnerabilities of a company or individual to encrypt and block their computer systems, demanding a ransom to unlock them.
“The main reason for this increase is that companies are willing to pay
,” analyzes Todd Carroll.
A survey conducted by Cohesity among 900 IT decision-makers and cybersecurity managers from large Anglo-Saxon companies shows that nearly 80% of respondents say they were victims of a ransomware attack between last July and December.
“Nearly 90% of them say they have paid a ransom to restore their data, despite their organization's non-payment policy
,” specifies the American company, a specialist in data management and protection. .
According to the American company Chainalysis, a specialist in the study of cryptocurrency transactions, the amounts paid by victims reached
“a record level”
of $1.1 billion in 2023. Far from the $456.8 million in 2022. , the lowest level since 2019.
“75% of ransoms paid amounted to $1 million or more
,” she details in her latest study, which indicates that large companies are the main targets.
Read also Faced with the growing danger of digital attacks, the limits of cyber insurance
$2.6 million with ransom
In its report, CybelAngel estimates that the average cost of an attack was $1.82 million for a business.
The bill rises to $2.6 million if we include the payment of ransoms.
Among the most affected sectors are building and construction, information technology, education and health.
Last year, CybelAngel identified 62 ransomware hacker groups involved in more than 5,000 attacks.
They operate in small groups - from a few people to a dozen - mainly from Russia, China and countries in Eastern Europe and the Middle East.
The increase in these attacks can also be explained by the development of the on-demand software model (Raas, Ransomware as a Service) allowing the creators of ransomware to make it available to other hackers,
"affiliates"
, who take care of the attacks before sharing the winnings.
In France, 546 investigations concerning this type of attacks were opened in 2023, an increase of 30% compared to 2022, according to the Paris prosecutor's office which has national jurisdiction.
In its predictions for 2024, Russian cybersecurity company Kaspersky warns that cybercriminals could aim for even bigger targets:
“large companies”
and
“major logistics players”
face increased risks.
The French authorities also anticipate a considerable number of threats with the Paris Olympic Games (from July 26 to August 11).
At the beginning of December, an exercise simulating several simultaneous, high-level ransomware attacks was organized, bringing together several ministries (Interior, Justice, Health, etc.).
Others will follow between now and the opening ceremony.