Infocredit presents key findings from RiskRecon’s 10-year study on ransomware incidents, highlighting not only the scale of the threat but also the patterns that determine which organizations are most at risk. Key insights include:

One in 100 vendors may be hit each year
Even organizations with strong defenses face risk, as a supplier breach can trigger ripple effects.

Strong cyber hygiene reduces ransomware risk by 5.3x
Companies rated A by RiskRecon experienced significantly lower ransomware rates than those rated D or F. Proper security management is critical.

No industry is safe
Sectors such as healthcare, education, city governments, casinos, and cruise lines have all been targeted. Attackers seek opportunity, not a specific sector.

No geography is spared
Ransomware incidents were recorded in 134 countries, from the U.S. to remote island nations.

Ransomware doesn’t take holidays
Attacks occur 24/7, with spikes on weekends and holidays when defenses are thinner.

Prepare for the long haul
The number of active ransomware groups rose from 4 in 2017 to 86 in 2024, with the trend continuing upward.

Overall, RiskRecon’s findings emphasize that ransomware is a systemic, persistent threat. Organizations that prioritize strong cyber hygiene and continuous monitoring can significantly improve their resilience.

Reference by Riskrecon by Mastercard