The Web3.0 analytics company Chainalysis previewed their 2023 year-in-review report. The company states that 2023 was a year of qualitative and quantitative change on the crypto market.
In its upcoming 2024 crypto crime report, Web 3.0 analysis company Chainalysis claims that ransomware drained more than $1 billion from targets over 2023. This is a record for known ransomware attacks and, as the company puts it, marks a ‘turning point’ for use of the malware.
An upward trend
Ransomware attacks skyrocketed during the COVID-19 crisis era, as workers telecommuted due to travel restrictions. In 2021, ransomware users raked in $983 million from victims. For several reasons, 2022 saw such attacks net only $567 million. However, attackers responded with increasingly sophisticated attacks and by mid-2023, the company was warning readers about the heightened risk. Current company estimates for 2023 put the total ransoms paid at $1.1 billion.
Chainalysis points out that this $ 1.1 billion only refers to the ransoms paid. The economic losses caused by ransomware are not calculated in this report. However, the company does give an example of how high these losses can run. MGM resorts did not pay the ransom. However, MGM estimates that damages to the business ran over $100 million as a result of the attack.
Why the 2022 dip?
Chainalysis claims that the drop in 2022 was the result of several events during the year. For one, Russia’s broad-scale invasion of Ukraine was accompanied by a wave of hacking activity with political and not financial goals. In effect, the rise in cyber warfare lowered cyber crime.
Law enforcement also managed to successfully dissuade victims from paying the ransoms. The Federal Bureau of Investigation in the U.S. broke into the criminal groups behind the ransomware attacks and either acquired sets of keys to restore service, or, in the case of the Conti group, uncovered links to Russian intelligence agencies.
The FBI pointed to its 2022 disruption of the Hive cyber criminal gang as an example. The bureau ended up providing decryption keys to over 1300 victims and preventing more than $130 million in ransoms from being paid.
2023 ransomware trends
In 2023, the problem of ransomware returned in full force as disrupted cyber actors regrouped and grew increasingly sophisticated in their attacks. This includes the rise of specialization among attackers, such as the rise of initial access brokers, or IABs. There is also a sort of franchise arrangement based around Ransomware as a Service, or RaaS, becoming prevalent.
Moreover, ransomware users deployed more zero-day attacks in 2023. Instead of relying on someone carelessly opening an attachment or clicking on a link, ransomware utilizing zero day attacks use weaknesses in software platforms that are not updated to gain control of a computer.
More on a changing landscape
Chainalysis will be releasing the report in February. Money.it has more information on the basics of ransomware and how to avoid it.