Cyber Criminals' Earnings Fall As More Ransom Victims Refuse Payment 

Cyber criminals have experienced a 40% drop in their theft earnings as victims refuse to pay the criminals the ransom demanded and crypto currency experts at Chainalysis say ransomware groups extorted at least $457m (£370m) from victims in 2022, which is $311m less than the year before. 

The true figures are likely to be higher as many refuse to admit they are paying ransom fees, but experts still agree that fewer victims are paying the ransom money being asked for.  However, while there has been a drop in criminal revenue, the number of attacks is still rising.

Following sharp law enforcement action against the DarkSide and Conti ransomware groups, some hacking criminal operations have changed their methods and seem to have become cautious about getting involved in the sort high profile attacks that could lead to increased geopolitical pressure and attention from law enforcement agencies. 

Many of the ransomware criminals are thought to be based in Russia - althoughRussian government sources consistently deny their country is a haven for hackers.  

Recent high-profile victims has included The Guardian newspaper, the Royal Mail delivery company and a number of British schools. Companies, governments, schools and even hospitals around the world are regularly falling victim to ransomware hackers, who lock staff out of their IT systems until a ransom is paid, usually in Bitcoin. 

Ransomware attacks prevent victims accessing computer systems or data until a ransom is paid it is said, however police agencies around the world are increasingly urging victims not to pay.

The hackers often threaten to publish or sell the stolen data unless they are paid in Bitcoin and the analysts at Chainalysis have been tracking the money flowing in and out of Bitcoin wallets which are known to be owned by ransomware gangs and they say there is clear trend - ransomware payments are significantly down. 

Criminals now seem to be carrying out a greater number of smaller attacks instead of going after large  targets, where large payments are more likely.

Despite the drop in revenue, the number of unique ransomware strains being used in attacks reportedly increased dramatically in 2022. Research from Fortinet has found that more than 10,000 unique types of the malicious software were active in the first half of 2022. The growth in the number of attacks last year could be connected with enforcement actions, mainly by the US authorities, which caused some of the largest ransomware groups to disband.

Paying ransoms is not illegal and many organisations pay in secret, however, paying the ransom doesn't guarantee the victims that their network will be restored and paying ransome does encourage the perpetrators target more companies with the file-encrypting malware. For organisations that are hit by a ransomware attack, there are a number of hard choices that need to be made, and one of the most difficult is whether or not to pay the ransom. 

IBM researchers have analysed the impact the decision-making process of organisations that had suffered a successful ransomware attack and concluded that paying the extortionists is not generally a good idea. Less than 60% of organisations that paid the demanded ransom were able to recover even part of their data and 39% of companies that pay a ransom never see any of their data again. 

National Crime Agency:    Fortinet:    Graphus AI:    Coverware:       BBC:       BBC:    ZDNet:   

You Might Also Read: 

Crackdown On Ransomware Criminals:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Technology Is Disrupting Intelligence & Espionage
Illegal Crypto Transactions Reach A New Peak »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT GRC Forum

IT GRC Forum

The IT GRC Forum is an online resource and networking platform for the Governance, Risk Management, and Compliance (GRC) community

GovCERT.HK

GovCERT.HK

GovCERT.HK is the Government Computer Emergency Response Team for Hong Kong.

tunCERT

tunCERT

TunCERT is the National Computer Emergency Response Team of Tunisia.

Kount

Kount

Kount's “decision engine” platform is ideal for managing fraud in online/telephone channels that process payments and onboard new customers.

SKOUT Secure Intelligence

SKOUT Secure Intelligence

SkOUT Secure Intelligence (formerly Oxford Solutions) provides cyber security monitoring services to organizations around the globe.

Platin Bilişim

Platin Bilişim

Platin Bilisim is an IT Security company providing consultancy, solutions and operational support services.

Internap Corporation (INAP)

Internap Corporation (INAP)

INAP is a global provider of high-performance data center and cloud solutions, partnering with customers worldwide to create secure and scalable IT infrastructure solutions.

Evanston Technology Partners (ETP)

Evanston Technology Partners (ETP)

ETP provides services and solutions to enable and transform businesses in the areas of cybersecurity, data protection, and efficient operations practices.

Cyber Security Africa

Cyber Security Africa

Cyber Security Africa is a full-service Information Security Consulting firm offering a comprehensive range of Services and Products to help organizations protect their valuable assets.

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF) of Armenia is one of the largest technology business incubators and IT development agencies in the region.

Jacobs

Jacobs

Jacobs is at the forefront of the most important security issues today. We are inspired to be the best and deliver innovative, mission-focused outcomes that matter to our clients.

VCG Group

VCG Group

VCG provides everything you need for the design, implementation and management of data centres, cyber-secure enterprise networks, cloud and connectivity services.

Auriga Consulting

Auriga Consulting

Auriga is a center of excellence in Cyber Security, Assurance and Monitoring Services, with a renowned track record of succeeding where others have failed.

Getronics

Getronics

Getronics guides customers through their own transformation journeys, leveraging an integrated and secure-by-design IT portfolio.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

Convergence Networks

Convergence Networks

Convergence Networks is one of North America's leading Managed Services & Security Providers.