Record Earnings for Ransomware Hackers in 2023

 In 2023, ransomware hackers made more money than ever before. They earned $1.1 billion, setting a new record. This is a big increase from the $567 million they got in 2022. Chainalysis, a company that watches blockchain activities, shared this information.

The rise in earnings comes after a year when the money from ransomware dropped. But in 2023, things changed. More hackers joined in, and some big attacks brought in a lot of money. One hacking group, CL0P, made over $100 million by finding a way to break into a file-transfer service called MOVEit. This service is used by many businesses and governments. CL0P's attack on MOVEit made it the top ransomware for a while.

More people are trying ransomware because it can be very profitable. For instance, a group called Phobos lets other hackers use its ransomware. This makes it easier for more attacks to happen, even by those who are not very skilled.

Ransomware-as-a-service gangs, like LockBit and ALPHV, have made ransomware attacks go up by 68% in 2023. The US saw almost half of these attacks. The UK, Canada, Italy, and Germany also saw many attacks. The biggest ransom asked for was $80 million by the LockBit gang from Royal Mail.

The ransomware business is now worth billions. It has its own system with different roles like access brokers and software sellers. It even has things like employee of the month awards. LockBit was the biggest name in ransomware in 2023, but others are catching up.

Hackers are also finding new ways to stay hidden. They use normal tools in a way that does not look suspicious to carry out their attacks. This makes it hard to notice them. Malvertising, or harmful ads, also came back in 2023. These ads trick people into downloading malware.

Attacks on phones and computers have gotten more sophisticated. Android banking trojans were found 88,500 times. They pretend to be normal apps to steal banking details. Macs are also targeted more because they are used by many businesses.

As we moved into 2024, companies had smaller IT and security teams and budgets, making it a challenge to fight against these attacks.

Data Highlights Substantial Decrease in Ransom Payments, with Only 29% Complying in Q4 2023

 Ransomware gangs have been a prime concern for quite some time now, with victims across several industries getting targeted by their unique form of malware. Unfortunately, paying the demanded ransom isn’t really a way out because of the fact that this is the sort of thing that could potentially end up leading to re-victimization.

With all of that having been said and now out of the way, it is important to note that the proportion of people that have acquiesced to the demands of ransomware gangs has plummeted in recent years. Based on data provided by the cybersecurity company Coveware, just 29% of ransomware victims paid the demanded ransom in the fourth quarter of 2023, which indicates that 71% refused the demands with all things having been considered and taken into account.

This is a steep decline from three years ago, when a whopping 60% of companies would give the malicious actors whatever they asked for in the hopes that this would enable them to regain access to their important data. Back in the first quarter of 2019, the vast majority of companies agreed to pay the ransom, or 85% to be precise.

This seems to suggest that there has been a downward trajectory, and it might be due to companies engaging in best practices such as keeping a backup of their essential data on physical hard drives. This creates a situation wherein a ransomware attack would not actually be all that disastrous, since the data can be easily recovered even if the malicious actors wipe the infected system clean.

In spite of the fact that this is the case, some victims are still handing over extremely large funds. The average ransom payment has actually gone up even though the quantity of payments has gone down, with $408,644 paid on average in 2022, and $568,705 paid on average in Q4 2023. On top of all of that, the total quantity of ransomware attacks has been on the rise, with 3,205 instances recorded in 2023 alone. This indicates that malicious actors are undeterred by the lower proportion of payments.