A year ago, there appeared to be a glimmer of hope in the cybersecurity industry's long war of attrition against ransomware gangs. In 2022, fewer companies are likely to fall victim to these hackers and pay ransoms, leading to less revenue for cybercriminals from their ruthless attacks. Perhaps a combination of improved security measures, increased law enforcement focus, international sanctions against ransomware operators, and oversight of the cryptocurrency industry could actually defeat the ransomware scourge. yeah.
Hmm, no. It appears that this pause was just a pause until ransomware became one of the most profitable in the world. of The most destructive form of cybercrime. In fact, 2023 was the worst year ever.
On Wednesday, crypto tracking firm Chainalysis released new numbers in its annual crime report showing ransomware payments will exceed $1.1 billion in 2023, based on tracking payments across the blockchain. . This is the highest number Chainalysis has ever measured in a single year, and almost double the previous year. In fact, the company is currently showing that its ransom payments in 2022 were relatively low at $567 million, as total extortion transactions have steadily increased since 2020 towards the current 10-digit record. It is described as “abnormal.”
“It’s like we picked up right where we left off, the real onslaught of 2020 and 2021 COVID-19,” said Jackie Burns Coven, head of threat intelligence at Chaineries. “It feels very much like the gloves are off.”
The record extortion payout of more than $1 billion was in part the result of a huge number of ransomware attacks in 2023. Cybersecurity firm Record Future counted 4,399 ransomware attacks last year, based on news reports and public lists of ransomware gangs. This is a common tactic used by the group to pressure victims by threatening to release stolen data. By comparison, in 2022 he had a total of just 2,581 attacks, and in 2021 he had 2,866.
The surge in the number of attacks appears to be offsetting a more positive trend. Statistics show that fewer ransomware victims are paying ransoms demanded by hackers. According to data from Coveware, an incident response company that frequently negotiates with ransomware criminal organizations on behalf of victims, only 29 percent of ransomware victims paid a ransom in the fourth quarter of 2023. This was a significant decrease compared to the 70% to 80% payout rate for those with disabilities. Most of 2019 and 2020.
However, even as fewer victims pay, the total amount collected by ransomware gangs is increasing as more cybercriminals are drawn to the lucrative industry and carry out more attacks. Allan Liska, a threat intelligence analyst at Recorded Future, said the public nature of ransomware acts as a form of advertising, always attracting more opportunistic hackers, like a shark sniffing out blood in the water. I claim that there is. “everyone I can see All these ransomware attacks,” Liska said. “Criminals tend to congregate where they see money to be made.”
Chainalysis also reported that the record $1.1 billion in ransoms paid in 2023 was due to ransomware hackers demanding large amounts of money from their victims, many of whom would not be able to withstand a devastating attack. They point out that the companies were carefully selected taking into account both their financial performance and their ability to pay. It's called “big game hunting.” As a result, in 2023, nearly 75% of his total ransomware payouts came from transactions over $1 million, compared to just 60% in 2021.
