Cyber Criminals' Earnings Fall As More Ransom Victims Refuse Payment 

Cyber criminals have experienced a 40% drop in their theft earnings as victims refuse to pay the criminals the ransom demanded and crypto currency experts at Chainalysis say ransomware groups extorted at least $457m (£370m) from victims in 2022, which is $311m less than the year before. 

The true figures are likely to be higher as many refuse to admit they are paying ransom fees, but experts still agree that fewer victims are paying the ransom money being asked for.  However, while there has been a drop in criminal revenue, the number of attacks is still rising.

Following sharp law enforcement action against the DarkSide and Conti ransomware groups, some hacking criminal operations have changed their methods and seem to have become cautious about getting involved in the sort high profile attacks that could lead to increased geopolitical pressure and attention from law enforcement agencies. 

Many of the ransomware criminals are thought to be based in Russia - althoughRussian government sources consistently deny their country is a haven for hackers.  

Recent high-profile victims has included The Guardian newspaper, the Royal Mail delivery company and a number of British schools. Companies, governments, schools and even hospitals around the world are regularly falling victim to ransomware hackers, who lock staff out of their IT systems until a ransom is paid, usually in Bitcoin. 

Ransomware attacks prevent victims accessing computer systems or data until a ransom is paid it is said, however police agencies around the world are increasingly urging victims not to pay.

The hackers often threaten to publish or sell the stolen data unless they are paid in Bitcoin and the analysts at Chainalysis have been tracking the money flowing in and out of Bitcoin wallets which are known to be owned by ransomware gangs and they say there is clear trend - ransomware payments are significantly down. 

Criminals now seem to be carrying out a greater number of smaller attacks instead of going after large  targets, where large payments are more likely.

Despite the drop in revenue, the number of unique ransomware strains being used in attacks reportedly increased dramatically in 2022. Research from Fortinet has found that more than 10,000 unique types of the malicious software were active in the first half of 2022. The growth in the number of attacks last year could be connected with enforcement actions, mainly by the US authorities, which caused some of the largest ransomware groups to disband.

Paying ransoms is not illegal and many organisations pay in secret, however, paying the ransom doesn't guarantee the victims that their network will be restored and paying ransome does encourage the perpetrators target more companies with the file-encrypting malware. For organisations that are hit by a ransomware attack, there are a number of hard choices that need to be made, and one of the most difficult is whether or not to pay the ransom. 

IBM researchers have analysed the impact the decision-making process of organisations that had suffered a successful ransomware attack and concluded that paying the extortionists is not generally a good idea. Less than 60% of organisations that paid the demanded ransom were able to recover even part of their data and 39% of companies that pay a ransom never see any of their data again. 

National Crime Agency:    Fortinet:    Graphus AI:    Coverware:       BBC:       BBC:    ZDNet:   

You Might Also Read: 

Crackdown On Ransomware Criminals:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Technology Is Disrupting Intelligence & Espionage
Illegal Crypto Transactions Reach A New Peak »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

European Defence Agency (EDA)

European Defence Agency (EDA)

EDAs mission is to improve European defence capabilities. Programme areas include Cyber Defence.

Willis Towers Watson

Willis Towers Watson

Willis Towers Watson is a global risk management, insurance brokerage and advisory company. Services offered include Cyber Risks insurance.

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

DocAuthority

DocAuthority

DocAuthority automatically discovers and accurately identifies unprotected, sensitive documents, enabling a broad yet business-friendly security policy.

Sopher Networks

Sopher Networks

Sopher is a secure communication and collaboration platform for business and personal use.

Swiss Cyber Think Tank (SCTT)

Swiss Cyber Think Tank (SCTT)

The Swiss Cyber Think Tank is a business network for Cyber Risk & Insurability, providing an industry-wide networking platform for insurers, technology and security firms.

SEEK

SEEK

SEEK create world-class technology solutions to address the needs of job seekers and hirers across multiple sectors including cybersecurity.

Ntirety

Ntirety

Ntirety Managed Security Services offer enterprise businesses the advanced tools, processes, and support to ensure your infrastructure, networks, and mission-critical applications are secure.

DCX Technology

DCX Technology

Recognized as a leader in security services, DXC Technology help clients prevent potential attack pathways, reduce cyber risk and improve threat detection and incident response.

Internetwork Defense (IND)

Internetwork Defense (IND)

Internetwork Defense is a premier provider of Information Security Training and Business Consulting Services in the Mid-Atlantic region.

Quantum Security Solutions (QSec)

Quantum Security Solutions (QSec)

QSec is an innovative information security consultancy based in Ghana. We can provide your organisation with information security products and services that assure against information risk.

Armexa

Armexa

Armexa is a leading provider of advanced industrial cybersecurity solutions that protect your critical OT and ICS infrastructure against ever-changing threats.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

Entro Security

Entro Security

Entro is the first holistic secrets security platform that detects, safeguards, and enriches with context your secrets across code, vaults, chats, and platforms.

Stratascale

Stratascale

Stratascale is a consultant, systems integrator, and technology advisor with expertise in Automation, Cloud Ascension, Cybersecurity, Data Intelligence, and Digital Experience solutions.

Fingerprints

Fingerprints

Fingerprints is the world-leading biometrics company. Our solutions are found in millions of devices providing safe and convenient identification and authentication with a human touch.