Power Rankings: Ransomware Malicious Quartile Q3-2023

Written by
Anthony M. Freed
Published on
Nov 30, 2023

Ransomware poses an existential threat to organizations of all sizes in any vertical, and attacks continue to be extremely lucrative with ransom demands and recovery costs bleeding victim organizations for millions of dollars.    

Ransomware-as-a-Service (RaaS) and other operators are implementing novel evasion techniques into their payloads specifically designed to evade or completely circumvent traditional endpoint protection solutions.  

The Halcyon team of ransomware experts has put together this extortion group power rankings guide as a quick reference for the extortion threat landscape based on data from throughout Q3- 2023, which can be reviewed with earlier reports here: Power Rankings: Ransomware Malicious Quartile.

The report finds that attackers are getting more efficient at exploiting vulnerabilities, and this trend is likely to continue as threat actors automate aspects of their attack sequences. We see evidence of this automation in the hundreds of organizations that have been hit by just one ransomware group exploiting one patchable vulnerability in early 2023.    

This mass exploitation wave is also evidence that ransomware gangs are increasingly leveraging automation to identify and target exposed organizations who have not patched against known vulnerabilities, which is why we are seeing so many new victims.    

The annual impact from ransomware attacks in the US alone is estimated to be more than $20 billion dollars. This figure does not include additional incident response costs, tangential costs, damage to the brand, lost revenue, lost production from downed systems, and other collateral damage.  

And the above figures did not even include the ransom payment, the long-term damage to an organizations’ brand (loss of consumer trust), increased cyber insurance premiums, legal fees, or lost revenue which can far exceed remediation costs – and we have not even gotten to the potential impact from data exfiltration.  

These days, ransomware operators don’t just brick your systems and ask for a ransom payment, they first steal sensitive data to use as leverage by threatening to leak it publicly. For many organizations this exposure of customer data has regulatory implications and can lead to lawsuits and fines.    

Additionally, sensitive data on corporate transactions, R&D, patents, etc. can end up in the attackers' hands and be sold to the highest bidder on dark web forums or end up in the hands of a competitor.  

While larger organizations may be able to absorb these costs, this potentially represents an existential threat to smaller companies and their employees’ jobs.  

If your organization is not prioritizing anti-ransomware defenses, you should really be asking why not...

Q3-2023 Trends

Some interesting trends emerged in the third quarter of 2023:


Organizational Risk



Ransomware is big business, and the financial impact of ransomware attacks is one we all bear as it becomes a significant drag on our economy. The only way we can counter its growth is to disincentivize the attackers.

Ransomware attacks can do more damage to an organization than simply impacting the bottom line, they have the potential to damage brand, increase insurance costs, force budget cuts and layoffs, negatively impact stakeholders and even put victim organizations and their CXOs and BoDs in legal jeopardy.

The ransomware threat is very real, the problem is seemingly growing exponentially, and executive leadership at organizations are struggling with how best to deal with both preparing to defend against attacks as well as what to do to protect the organization after a successful attack.

The only way we can counter its growth as a major industry vertical is to disincentivize the attackers. The only way to disincentivize them is to make ransomware attacks unprofitable, and unfortunately, we are still a long, long way from accomplishing that.

Halcyon.ai is the industry’s first dedicated, adaptive security platform that combines multiple advanced proprietary prevention engines along with AI models focused specifically on stopping ransomware – talk to a Halcyon expert today to find out more. Halcyon also publishes a quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile, and check out the Recent Ransomware Attacks resource site.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.