HomeCyber BalkansChainalysis: 2023 a watershed year for ransomware

Chainalysis: 2023 a watershed year for ransomware

Published on

spot_img

Last year, ransomware payments soared past the $1 billion mark, marking a significant escalation in this form of cyberattack, according to a report released by Chainalysis, a blockchain analytics vendor. The company described 2023 as a “watershed” year for ransomware.

In contrast, 2022 was viewed as a relatively slow year for ransomware. CrowdStrike data showed a drop in the average ransom payment from $5.7 million in 2021 to $4.1 million in 2022. Additionally, Mandiant reported responding to 15% fewer ransomware incidents in 2022 compared to the previous year. Despite these declines, experts warned that the reality was more complex than the numbers suggested.

One significant trend in 2022 was that some threat actors shifted from ransomware attacks to data extortion-only attacks, in which cybercriminals stole data without encrypting victim networks in the hopes of getting paid. Also, the invasion of Ukraine by Russia diverted attention away from financially motivated cybercrime and towards politically motivated attacks.

However, new research and observations detailed in a blog post published by Chainalysis on Wednesday revealed that 2023 saw a “major comeback” for ransomware. According to the company, ransomware payments amounted to $1.1 billion in 2023, the highest figure ever recorded, compared to $567 million in 2022 and $983 million in 2021.

The blog post cautioned that these figures were conservative estimates and could increase as new ransomware addresses are uncovered over time. Additionally, the vendor considered 2022 to be an “anomaly” due to a variety of factors, including the FBI’s takedown of the Hive ransomware gang.

The expansion of ransomware as a service (RaaS) and several large-scale ransomware attacks characterized the ransomware landscape in 2023. Chainalysis noted that tactics and affiliations among threat actors shifted, RaaS strains continued to spread, and attack execution became more swift and aggressive.

One of the most notorious examples of large-scale extortion activity was the massive campaign initiated by the Clop gang against customers of Progress Software’s managed file transfer product MoveIt Transfer, utilizing a zero-day vulnerability in the product. Since the start of Clop’s campaign, the gang received more than $100 million in ransom payments, making up a significant portion of all ransomware revenue in June and July.

This report provides a more detailed perspective on previous Chainalysis research. The company introduced the “2024 Crypto Crime Trends” report, showing an overall decline in illicit cryptocurrency activity in 2023 compared to 2022. This included a decrease in cryptocurrency scamming and hacking but warned that ransomware activity had risen and reversed the sharp decline observed in 2022.

Jacqueline Burns Koven, head of cyber threat intelligence at Chainalysis, emphasized the importance of disrupting the entire ransomware supply chain, including developers, affiliates, infrastructure service providers, launderers, and cash-out points. She stressed the need to focus on the individuals behind ransomware strains, naming and shaming them, and applying sanctions to disrupt their activities.

The company’s findings underscore the ongoing and evolving threat that ransomware poses, requiring continued vigilance and innovative strategies to combat this form of cybercrime.

Source link

Latest articles

Identifying online disinformation techniques

In today's world of information, knowledge is often just a few clicks away, thanks...

Secure Access in the Age of AI

Microsoft’s Principal Product Manager, Jef Kazimer, and Senior Product Manager, Bailey Bercik, were featured...

Vastaamo Hacker Vanishes During Ongoing Trial

The news article reports on the disappearance of Aleksanteri Kivimaki, a Finnish hacker who...

“Organizations are experiencing a significant identity crisis while criminals benefit” – The Register

Identity-related threats are becoming a growing concern for network security professionals due to the...

More like this

Identifying online disinformation techniques

In today's world of information, knowledge is often just a few clicks away, thanks...

Secure Access in the Age of AI

Microsoft’s Principal Product Manager, Jef Kazimer, and Senior Product Manager, Bailey Bercik, were featured...

Vastaamo Hacker Vanishes During Ongoing Trial

The news article reports on the disappearance of Aleksanteri Kivimaki, a Finnish hacker who...
en_USEnglish