Cyber Criminals' Earnings Fall As More Ransom Victims Refuse Payment 

Cyber criminals have experienced a 40% drop in their theft earnings as victims refuse to pay the criminals the ransom demanded and crypto currency experts at Chainalysis say ransomware groups extorted at least $457m (£370m) from victims in 2022, which is $311m less than the year before. 

The true figures are likely to be higher as many refuse to admit they are paying ransom fees, but experts still agree that fewer victims are paying the ransom money being asked for.  However, while there has been a drop in criminal revenue, the number of attacks is still rising.

Following sharp law enforcement action against the DarkSide and Conti ransomware groups, some hacking criminal operations have changed their methods and seem to have become cautious about getting involved in the sort high profile attacks that could lead to increased geopolitical pressure and attention from law enforcement agencies. 

Many of the ransomware criminals are thought to be based in Russia - althoughRussian government sources consistently deny their country is a haven for hackers.  

Recent high-profile victims has included The Guardian newspaper, the Royal Mail delivery company and a number of British schools. Companies, governments, schools and even hospitals around the world are regularly falling victim to ransomware hackers, who lock staff out of their IT systems until a ransom is paid, usually in Bitcoin. 

Ransomware attacks prevent victims accessing computer systems or data until a ransom is paid it is said, however police agencies around the world are increasingly urging victims not to pay.

The hackers often threaten to publish or sell the stolen data unless they are paid in Bitcoin and the analysts at Chainalysis have been tracking the money flowing in and out of Bitcoin wallets which are known to be owned by ransomware gangs and they say there is clear trend - ransomware payments are significantly down. 

Criminals now seem to be carrying out a greater number of smaller attacks instead of going after large  targets, where large payments are more likely.

Despite the drop in revenue, the number of unique ransomware strains being used in attacks reportedly increased dramatically in 2022. Research from Fortinet has found that more than 10,000 unique types of the malicious software were active in the first half of 2022. The growth in the number of attacks last year could be connected with enforcement actions, mainly by the US authorities, which caused some of the largest ransomware groups to disband.

Paying ransoms is not illegal and many organisations pay in secret, however, paying the ransom doesn't guarantee the victims that their network will be restored and paying ransome does encourage the perpetrators target more companies with the file-encrypting malware. For organisations that are hit by a ransomware attack, there are a number of hard choices that need to be made, and one of the most difficult is whether or not to pay the ransom. 

IBM researchers have analysed the impact the decision-making process of organisations that had suffered a successful ransomware attack and concluded that paying the extortionists is not generally a good idea. Less than 60% of organisations that paid the demanded ransom were able to recover even part of their data and 39% of companies that pay a ransom never see any of their data again. 

National Crime Agency:    Fortinet:    Graphus AI:    Coverware:       BBC:       BBC:    ZDNet:   

You Might Also Read: 

Crackdown On Ransomware Criminals:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Technology Is Disrupting Intelligence & Espionage
Illegal Crypto Transactions Reach A New Peak »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Acumin Recruitment

Acumin Recruitment

Acumin is an internationally established Cyber Security recruitment specialist.

Security Weekly

Security Weekly

Security Weekly provides free content within the subject areas of IT security news, vulnerabilities, hacking, and research.

Lares Consulting

Lares Consulting

Lares is a security consulting firm that helps companies secure electronic, physical, intellectual, and financial assets through a unique blend of assessment, testing and coaching.

ElcomSoft

ElcomSoft

ElcomSoft is a global leader in computer and mobile forensics, IT security and forensic data recovery.

Oxford BioChronometrics

Oxford BioChronometrics

By building profiles based on electronically Defined Natural Attributes, or e-DNA, Oxford BioChronometrics protects digital networks, communities, individuals and other online assets from fraud.

BehavioSec

BehavioSec

BehavioSec uses the way your customers type, swipe, and hold their devices, and enables them to authenticate themselves through their own behavior patterns.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

Swiss Cyber Storm

Swiss Cyber Storm

Swiss Cyber Storm is a non profit organization hosting the international Swiss Cyber Storm Conference and running the Swiss part of the European Cyber Security Challenges.

Valtori

Valtori

Government ICT Centre Valtori provides sector-independent ICT services for the central government, while taking into account the special requirements related to security and preparedness.

Montreal International

Montreal International

You’re an entrepreneur planning to launch a company in an innovative sector such as AI, cybersecurity, 'deeptech' or fintech? You’ve found the right place!

Kindus

Kindus

Kindus is an IT security, assurance and cyber security risk management consultancy.

Contextual Security Solutions

Contextual Security Solutions

Contextual Security Solutions is a leading provider of penetration testing services and IT security & compliance audits.

Cloudflare

Cloudflare

Cloudflare is a global network designed to make everything you connect to the Internet secure, private, fast, and reliable.

Endure Secure

Endure Secure

Endure Secure is a managed cyber security & information security consultancy. Our passion for IS and our understanding of the threat landscape is reflected in the services that we provide.

Delta Partners

Delta Partners

Delta Partners is a venture capital firm investing in Ireland and the United Kingdom with a strong focus on early stage technology companies.

Zyxel Networks

Zyxel Networks

Zyxel Networks is a leading provider of secure, AI-powered networking solutions for small to medium businesses (SMBs) and the enterprise edge.