The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported.

Ransomware attackers have the ability to potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

The annual FBI Crime Report provides detailed statistics on crime at the national, state, and local levels. In this article, we will look at the 2023 report and explore the most important cybersecurity stats and how to prevent them.

What Is the FBI Crime Report?

The FBI crime report is a program established by the FBI to gather and disseminate information regarding crime in the United States. With data from thousands of law enforcement agencies—including local police departments, sheriff’s offices, state police, and federal law enforcement agencies—it is considered one of the most comprehensive sources of crime statistics in the country.

The FBI crime report serves a few different purposes:

• Help the public understand trends in crime rates over time
• Assess the effectiveness of law enforcement strategies and policies
• Assist organizations in better allocating resources for cybercrime prevention.

All that said, let’s hop into some of the main headlines from the report. 

Key Findings of the 2023 FBI Crime Report

Here are some of the most important emerging trends, persistent challenges, and areas of progress, according to the FBI’s report. 

Finding #1: A Steep Increase in Complaints and Losses

One of the most significant findings of the latest Internet crime report is the increase in total complaints and total losses.

In 2023, there were 880,418 complaints, which resulted in $12.5 billion in losses. This marks a 22% rise compared to the previous year, which had 800,944 complaints and losses estimated at $20.3 billion. If we look at the total numbers of the last five years, that’s a total of $37.4 billion that ended up in the hands of malicious actors. 

As we mentioned in the introduction, these numbers are most likely higher, as many companies do not report when they have been victims of a ransomware attack or phishing attack.

Finding #2: The Most Widespread Type of Crime Is Phishing Emails

If we look at the top five types of crimes analyzed in the report, we can see that phishing remains the most common cause of concern in terms of theft of personal and financial information.

In 2023, there were 298,878 reports of entities falling victim to a phishing scam. This number is slightly lower than that for 2022 (300,497), but still much higher than the reports for personal data breach (55,851), non-delivery or non-payment (50,523), extortion (48,223), or tech support (37,560).

Other types of complaints included investment, BEC, identity theft, confidence or romance scams, employment, and government impersonation.

Finding #3: Healthcare is the Sector Most Affected by Ransomware Variants

The report also compared the different industry sectors that had been targeted by a successful ransomware attack and discovered that the first position belonged to healthcare and public health. There were, in fact, a total of 249 ransomware infection cases reported.

Other key areas, in order of severity, included critical manufacturing (218), government facilities (156), information technology (137), financial services (122), and commercial facilities (87). Of 16 critical infrastructure sectors that the report looked at, 14 had been ransomware victims on at least one occasion.

The most common ransomware variants used by ransomware gangs in 2023 were LOCKBIT (175 cases), ALPHV/BlackCat (100), Akira (95), Royal (63), and Black Basta (41).

Finding #4: The United States and the United Kingdom Made The Most Complaints

By far, the two countries with the most reported complaints of active ransomware infection, phishing incidents, and general internet security breaches were the United States with 521,652, and the United Kingdom with 288,355. These numbers are exceedingly high compared to all other complaints, which total 27,525 worldwide. Keep in mind though, that the FBI is a US-based organization, so it would make sense that most reports would originate there. However, things get a little more interesting when we look at the state-wide picture. 

Within the US, the top five states by number of complaints were:

• California (77,221 complaints and $2,159 million in losses)
• Texas (47,305 and $1,021 million)
• Florida (41,061 and $874 million)
• New York (26,948 and $750 million)
• Ohio (17,864 complaints but no reported losses in the top ten states)

This top five is followed by Arizona, Pennsylvania, Illinois, Michigan, and Washington. It’s worth mentioning that even though New Jersey didn’t have as many ransomware attacks, it still reported $441 million in losses.

For the remaining countries analyzed, Canada reported 6,601 cases, India 3,405, Nigeria 1,779, France 1,614, Australia 1,576, and Germany 1,571.

Finding #5: Investment Scams Led to the Biggest Losses

Although investment scams were not in the top five reported types of crimes, they were still responsible for causing the highest losses. These practices, which induce people to make purchases based on information that is false, tend to offer larger returns with minimum risk.

In 2023, the losses caused by investment fraud were reported at $4,570 million. This number does not include lost wages, time, files, or equipment, and does not take into account remediation services either.

In order of severity, the other biggest losses belonged to BEC (Business Email Compromise) with $2,946 billion, tech support with $924 million, personal data breaches with $744 million, and confidence or romance scams with $652 million.

How to Protect Your Organization Against Ransomware and Phishing Attacks

One of the best ways to protect your organization against ransomware and phishing is to use a comprehensive cybersecurity solution.

Thousands of organizations put their trust in Coro, which has been recognized as an industry leader that offers robust solutions to mitigate these threats effectively. We offer cybersecurity modules that easily snap together to create one of the most efficient stacks in the market.

We employ advanced ransomware detection and prevention measures to safeguard your organization’s data, using real-time monitoring and threat intelligence to identify and block ransomware threats before they can encrypt valuable files. Our comprehensive phishing defense mechanisms can also help you combat email-based threats, as Coro uses sophisticated email filtering techniques to identify and quarantine phishing emails before they reach end-users inboxes. What’s more, we also offer endpoint security solutions to protect devices across your organization’s network.

Coro y offers a uniquely holistic approach to protecting your organization against ransomware and phishing attacks. One interface, one endpoint agent, and one data engine. Learn more. 

Key Concepts

• BEC: Business Email Compromise, a type of cybercrime where attackers use compromised or spoofed email accounts to deceive individuals within an organization into transferring money or sensitive information.
• Botnet: A collection of two or more computers that are remotely controlled and manipulated for unlawful purposes, including Distributed Denial of Service (DDoS) attacks, Telephony Denial of Service (TDoS) attacks, and various other malicious activities.
• Phishing: A fraudulent attempt to obtain sensitive information, such as usernames, passwords, and credit card details, by disguising it as a trustworthy entity in electronic communication.
• Ransomware: Malicious software designed to block access to a computer system or data until a sum of money is paid.
• Sensitive data: Information that requires protection due to its potential to cause harm if disclosed, including personally identifiable information (PII), financial data, and intellectual property.
• Tech Support: An individual or a group or ransomware operators masquerading as technical or customer support/service personnel.