A 12 months in the past, there appeared to be a glimmer of hope within the cybersecurity trade’s long-running warfare of attrition in opposition to ransomware gangs. Fewer company victims of these hackers, it appeared, had paid ransoms in 2022, and cybercriminals have been incomes much less from their ruthless assaults. Maybe the cocktail of improved safety measures, elevated focus from regulation enforcement, worldwide sanctions on the ransomware operators, and scrutiny of the cryptocurrency trade might really beat the ransomware scourge.
Nicely, no. That respite seems to have been a mere hiccup on ransomware’s trajectory to turn out to be one of many world’s most worthwhile, and maybe the most disruptive, type of cybercrime. The truth is, 2023 was its worst 12 months ever.
On Wednesday, cryptocurrency-tracing agency Chainalysis revealed new numbers from its annual crime report exhibiting that ransomware funds exceeded $1.1 billion in 2023, primarily based on its monitoring of these funds throughout blockchains. That is the best quantity Chainalysis has measured for a single 12 months, and almost twice as a lot because the 12 months earlier than. Certainly, the corporate now describes 2022’s comparatively low $567 million in ransom funds as an “anomaly,” as whole extortion transactions have steadily grown since 2020 in direction of their present 10-figure document.
“It is like we have picked up proper the place we left off, the actual onslaught throughout Covid in 2020 and 2021,” says Jackie Burns Koven, head of risk intelligence at Chainalysis. “It feels very gloves-off.”
That record-breaking $1 billion-plus in extortion funds was a consequence, partly, of the sheer variety of ransomware assaults in 2023. Cybersecurity agency File Future counted 4,399 ransomware assaults final 12 months, primarily based on information stories and ransomware gangs’ public listings of victims on their dark-web websites, a tactic the teams usually use to stress victims whereas threatening to launch their stolen knowledge. That is in comparison with simply 2,581 whole assaults in 2022 and a pair of,866 in 2021.
The spike within the variety of assaults seems to have offset a extra optimistic development: By some counts, fewer victims of ransomware are paying the ransoms that hackers demand. In keeping with knowledge from the incident response agency Coveware, which incessantly negotiates with ransomware gangs on behalf of victims, solely 29 p.c of ransomware victims paid a ransom within the fourth quarter of 2023, a dramatic drop from fee charges between 70 p.c and 80 p.c for many of 2019 and 2020.
Whilst fewer victims are paying, nevertheless, the whole sum collected by ransomware gangs is nonetheless rising as extra cybercriminals are drawn to a profitable trade and perform extra assaults. Allan Liska, a risk intelligence analyst at Recorded Future, argues that the extremely public nature of ransomware serves as a type of promoting, consistently pulling in additional opportunistic hackers, like sharks who odor blood within the water. “Everyone sees all these ransomware assaults,” Liska says. “Criminals are likely to flock to the place they see the cash being made.”
