Bad news on the ransomware front. After a year 2022 marked by a slight decline, with for example a drop in the number of legal investigations opened in France for ransomware attacks, ransomware attacks could well be on the rise again.
According to a report by Chainalysis, cybercriminals have indeed managed to extort at least $449 million with such attacks in the first six months of the year. This is, according to this company specializing in the analysis of flows on blockchains, a volume much higher than that observed last year over the same period, i.e. just under 300 million dollars.
Bounce
“It is clear that the ransomware ecosystem has rebounded in 2023,” summarizes Chainalysis. For the company, two phenomena are at work in this trend reversal. On the one hand, big game hunting started again with renewed vigor in 2023, after a difficult 2022, marked in particular by the explosion in flight of Conti’s cybercriminals due to internal tensions arising from the Russian invasion of the Ukraine.
On the other hand, there would also be more successful small attacks, which put together increase the illicit revenue of cybercriminals. Chainalysis experts also point to the wide spread between ransoms, which start at an average of $275 for attacks carried out with strains of Dharma ransomware to reach more than $300,000 for Alphv/BlackCat. They even approach the 2 million dollars for Cl0p.
General decline
The increase in ransomware attacks observed by Chainalysis is all the more worrying because it is against the current. At the same time, the company notices a drop in financial flows directed to shady addresses, a sign either of a general decline in cybercrime, or of a less good view of the company on these exchanges.
At the start of the year, Anssi explained the drop in ransomware attacks observed in 2022 by the good results of international judicial cooperation and state operations to hinder cybercriminals. The French cybersecurity agency also recalled that the war in Ukraine had led to a reorganization of cybercriminals, resulting in a lower number of attacks in the first half of 2022 before a rebound in the next.