After a “not very” lucrative year 2022 for groups of ransomware, ransom payments exploded all records in 2023, exceeding a billion dollars. An astronomical figure, even though the number of victims who agreed to pay has drastically decreased.
$1.1 billion. This is the total amount of money received by cyberattackers via the ransomware channel alone in 2023. According to Chain Analysis, a data analysis platform specializing in the study of blockchain, online ransom payments have never reached such a high level since the implementation of its crypto-transaction monitoring system. A trend explained by the increase in ransomware attacks, as well as the extortion of much larger individual sums compared to previous years.
An upward recovery after a year of almost respite
As demonstrated by the data collected and analyzed by Chain Analysis, the increase in ransomware cyberattacks is unequivocal. In 2023, infection and ransomware operations have exploded around the world, mainly targeting large institutions and critical infrastructures, such as schools, hospitals, media, large companies and even security agencies. State. Confirmed victims include Shell, the University System of Georgia, British Airways, the BBC and the US Department of Energy.
These attacks were largely carried out by the gang behind the Cl0p ransomware, known as TA505, via the exploitation of repeated security flaws in MOVEit, file transfer software widely used in the health, finance, high technologies, as well as by government organizations.
According to Wiredin parallel with the data published by Chain Analysisthe cybersecurity company Recorded Future would have counted 4,399 ransomware attacks in 2023, compared to “only” 2,581 in 2022 and 2,866 in 2021, an increase in this type of operating mode from 50% to 70% in space of two years.
Fewer payments, but larger amounts paid
However, other figures revealed by Coveware, a ransomware monitoring company and support for victims of cyber-extortion, show that only 29% of companies and organizations hacked in 2023 would have ended up paying the required ransom, compared to 70% to 80 % between 2019 and 2020. Information to be compared with the total amount recovered by ransomware gangs, estimated at $220 million in 2019, $905 million in 2020, $983 million in 2021, $567 million in 2022, and $1.1 billion in 2023.
One of two things: the peaks in ransoms paid in 2020 and 2021 correspond to the COVID years, a period during which widespread teleworking clearly affected the security measures put in place by companies that continued their activities remotely.
Second clarification on which insists Chain Analysis : the low amounts received in 2022 by cyberattackers constitute an anomaly, and not a trend. In question: various factors such as the war in Ukraine (disruption of operations and transfer of motivations to a political rather than financial ground), the refusal of certain large companies to pay, or the infiltration of the very active Hive group by the FBI.
Considering the low percentage of victims who gave in to ransom demands and the record amount of transactions carried out, we also note that the sums of money demanded are much greater in 2023. A situation that Chain Analysis mainly explained by “ big game hunting “, that is to say the targeting of companies which cannot afford to suffer crippling attacks, and which have sufficient funds to quickly pay expensive ransoms. Thus, in 2023, 75% of ransom demands amounted to more than a million dollars, compared to 60% in 2021.
Sources: Chain Analysis, Coverware
0