More than US$1 billion was paid to cyber-criminals in 2023, according to a report by blockchain data platform Chainalysis. The figure is the highest ever recorded, doubling the previous year’s $567 million in a “watershed” year for ransomware. The findings point to an escalating ransomware problem and a difficult cyber landscape.
Report Findings Explained
Ransomware payments to cyber-criminals were $983 million in 2021, $567 million in 2022, and $1.1 billion—circa £872 million—in 2023, Chainalysis found. Although 2022 witnessed a drop, this could have been caused partly by Russia-based threat actors focusing on the conflict in Ukraine that year. Regardless, Chainalysis’s figures suggest an upward trend in ransomware payments over time. Moreover, 2023 saw an increase in the frequency, scope and volume of attacks.
Additionally, “big game” ransom payments—those sought by threat actors conducting fewer attacks for bigger paydays—continue to grow, accounting for less than 60% of ransom payments in the second half of 2021, but more than 80% in 2023.
Reasons Behind Escalating Ransomware
The cyber landscape continues to evolve as threat actors adjust their tactics to find new ways to exploit victims.
“The growth of ransomware revenue is disappointing following the sharp declines we covered last year [2022] and suggests that perhaps ransomware attackers have adjusted to organisations’ cyber-security improvements,” Chainalysis said in a recent blog post.
Additionally, ransomware-as-a-service (RaaS) and the availability of hacking tools make it easier for cyber-criminals to launch attacks. Specifically, RaaS—a business model where threat actors pay to access malware and ransomware tools—has lowered the barrier to entry, meaning that less sophisticated criminals can now find ways to extort victims. Threat actors are also increasingly targeting zero-day vulnerabilities—system flaws that are known to attackers but have yet to be patched—as demonstrated by the MOVEit breach that hit thousands of organisations last year.
Next Steps
Organisations should review their cyber-security measures to protect themselves from ransomware and other cyber-threats. Moreover, organisations must implement robust cyber-security defences to lessen the chance of losses, including strategies to reduce the likelihood of malicious content reaching devices and networks. Additionally, organisations should keep up-to-date backups to enable swift restoration in the event of a breach. Above all, cyber-insurance can help protect organisations from the devastating consequences of cyber-attacks.
Contact us today for further guidance and insurance solutions.