[ad_1]
A 12 months in the past, there appeared to be a glimmer of hope within the cybersecurity business’s long-running battle of attrition in opposition to ransomware gangs. Fewer company victims of these hackers, it appeared, had paid ransoms in 2022, and cybercriminals had been incomes much less from their ruthless attacks. Perhaps the cocktail of improved safety measures, elevated focus from legislation enforcement, international sanctions on the ransomware operators, and scrutiny of the cryptocurrency business might really beat the ransomware scourge.
Well, no. That respite seems to have been a mere hiccup on ransomware’s trajectory to grow to be one of many world’s most worthwhile, and maybe the most disruptive, type of cybercrime. In reality, 2023 was its worst 12 months ever.
On Wednesday, cryptocurrency-tracing agency Chainalysis published new numbers from its annual crime report exhibiting that ransomware funds exceeded $1.1 billion in 2023, based mostly on its monitoring of these funds throughout blockchains. That’s the very best quantity Chainalysis has measured for a single 12 months, and practically twice as a lot because the 12 months earlier than. Indeed, the corporate now describes 2022’s comparatively low $567 million in ransom funds as an “anomaly,” as whole extortion transactions have steadily grown since 2020 in direction of their present 10-figure file.
“It’s like we’ve picked up right where we left off, the real onslaught during Covid in 2020 and 2021,” says Jackie Burns Koven, head of menace intelligence at Chainalysis. “It feels very gloves-off.”
That record-breaking $1 billion-plus in extortion funds was a end result, partially, of the sheer variety of ransomware assaults in 2023. Cybersecurity agency Record Future counted 4,399 ransomware assaults final 12 months, based mostly on information reviews and ransomware gangs’ public listings of victims on their dark-web websites, a tactic the teams typically use to strain victims whereas threatening to launch their stolen information. That’s in comparison with simply 2,581 whole assaults in 2022 and a couple of,866 in 2021.
The spike within the variety of assaults seems to have offset a extra constructive pattern: By some counts, fewer victims of ransomware are paying the ransoms that hackers demand. According to data from the incident response firm Coveware, which ceaselessly negotiates with ransomware gangs on behalf of victims, solely 29 p.c of ransomware victims paid a ransom within the fourth quarter of 2023, a dramatic drop from fee charges between 70 p.c and 80 p.c for many of 2019 and 2020.
Even as fewer victims are paying, nevertheless, the entire sum collected by ransomware gangs is nonetheless rising as extra cybercriminals are drawn to a profitable business and perform extra assaults. Allan Liska, a menace intelligence analyst at Recorded Future, argues that the extremely public nature of ransomware serves as a type of promoting, continually pulling in additional opportunistic hackers, like sharks who scent blood within the water. “Everybody sees all these ransomware attacks,” Liska says. “Criminals tend to flock to where they see the money being made.”
[adinserter block=”4″]
[ad_2]
Source link