Cyber Criminals' Earnings Fall As More Ransom Victims Refuse Payment 

Cyber criminals have experienced a 40% drop in their theft earnings as victims refuse to pay the criminals the ransom demanded and crypto currency experts at Chainalysis say ransomware groups extorted at least $457m (£370m) from victims in 2022, which is $311m less than the year before. 

The true figures are likely to be higher as many refuse to admit they are paying ransom fees, but experts still agree that fewer victims are paying the ransom money being asked for.  However, while there has been a drop in criminal revenue, the number of attacks is still rising.

Following sharp law enforcement action against the DarkSide and Conti ransomware groups, some hacking criminal operations have changed their methods and seem to have become cautious about getting involved in the sort high profile attacks that could lead to increased geopolitical pressure and attention from law enforcement agencies. 

Many of the ransomware criminals are thought to be based in Russia - althoughRussian government sources consistently deny their country is a haven for hackers.  

Recent high-profile victims has included The Guardian newspaper, the Royal Mail delivery company and a number of British schools. Companies, governments, schools and even hospitals around the world are regularly falling victim to ransomware hackers, who lock staff out of their IT systems until a ransom is paid, usually in Bitcoin. 

Ransomware attacks prevent victims accessing computer systems or data until a ransom is paid it is said, however police agencies around the world are increasingly urging victims not to pay.

The hackers often threaten to publish or sell the stolen data unless they are paid in Bitcoin and the analysts at Chainalysis have been tracking the money flowing in and out of Bitcoin wallets which are known to be owned by ransomware gangs and they say there is clear trend - ransomware payments are significantly down. 

Criminals now seem to be carrying out a greater number of smaller attacks instead of going after large  targets, where large payments are more likely.

Despite the drop in revenue, the number of unique ransomware strains being used in attacks reportedly increased dramatically in 2022. Research from Fortinet has found that more than 10,000 unique types of the malicious software were active in the first half of 2022. The growth in the number of attacks last year could be connected with enforcement actions, mainly by the US authorities, which caused some of the largest ransomware groups to disband.

Paying ransoms is not illegal and many organisations pay in secret, however, paying the ransom doesn't guarantee the victims that their network will be restored and paying ransome does encourage the perpetrators target more companies with the file-encrypting malware. For organisations that are hit by a ransomware attack, there are a number of hard choices that need to be made, and one of the most difficult is whether or not to pay the ransom. 

IBM researchers have analysed the impact the decision-making process of organisations that had suffered a successful ransomware attack and concluded that paying the extortionists is not generally a good idea. Less than 60% of organisations that paid the demanded ransom were able to recover even part of their data and 39% of companies that pay a ransom never see any of their data again. 

National Crime Agency:    Fortinet:    Graphus AI:    Coverware:       BBC:       BBC:    ZDNet:   

You Might Also Read: 

Crackdown On Ransomware Criminals:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Technology Is Disrupting Intelligence & Espionage
Illegal Crypto Transactions Reach A New Peak »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DeviceLock

DeviceLock

DeviceLock is a leading provider of endpoint device/port control and data leak prevention software.

Spirion

Spirion

Spirion offers data discovery, classification, and protection tools for your business's privacy, security, and compliance program to avoid gaps and risks.

Ground Labs

Ground Labs

Ground Labs is a security software company dedicated to making sensitive data discovery products that help organisations prevent sensitive data loss.

French Expert Center Against Cybercrime (CECyF)

French Expert Center Against Cybercrime (CECyF)

CECyF is a centre of excellence for countering cybercrime in France.

Applied Science and Technology Research Institute Company Limited (ASTRI)

Applied Science and Technology Research Institute Company Limited (ASTRI)

ASTRI's mission is to enhance Hong Kong’s competitiveness in technology-based industries through applied research in areas including Security & Data Sciences which encompasses cybersecurity.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

Ockam

Ockam

Ockam gives you the tools you need to establish an architecture for trust within your connected device applications.

Qualcomm Technologies

Qualcomm Technologies

Qualcomm invents breakthrough technologies that transform how the world connects, computes and communicates.

Russell Reynolds Associates

Russell Reynolds Associates

Russell Reynolds Associates is a global leadership advisory and search firm with functional expertise in Digital Leadership, Data & Analytics, and Compliance.

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

Globant

Globant

Globant is an It and software development company. We leverage the latest technologies and methodologies to help organizations transform in every aspect, including software security.

Cyber Security Council UAE

Cyber Security Council UAE

The Cyber Security Council's vision is to protect UAE cyberspace, maintain confidence in our digital infrastructure and institutions, and build a cyber-resilient society.

Vertek

Vertek

Vertek is a leading provider of operations consulting, end-to-end business process outsourcing, business intelligence, software applications and managed cybersecurity solutions.

OpenAI

OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity.

Cyphershield

Cyphershield

Cypershield is a Security and Smart Contract audit company providing professional smart contract auditing services for varied Crypto projects.

CyberForceHQ

CyberForceHQ

CyberForce helps cyber security professionals take real-world tests, get ranked and get paid better. It's that simple.