Updated on: February 9, 2024
Ransomware victims paid attackers over $1 billion last year, setting a new record, according to 2023 ransomware payment analysis by Chainalysis, a firm specializing in the global tracking of cryptocurrency transactions.
The report suggests cybercriminal are continuing to earn more through extortion of individuals and institutions with little to no consequences.
“There is a whole government and industry mobilization to stop ransomware, and the problem has only gotten worse,” said Allan Liska, a ransomware analyst Recorded Future. “Don’t get me wrong; we’ve made real progress. Takedowns are rapidly increasing, as are law enforcement actions. But we are still losing the fight.”
Ransomware attacks happen when hackers lock up computer systems, swipe sensitive info, or both, and then ask for crypto cash to either give back access or promise they won’t spill any secrets. They often target organizations like businesses, hospitals, or schools, but can launch attacks against individual users, too.
There’s been a surge in ransomware attacks like never before despite attempts to curb the ransomware criminal network. Jackie Koven, who leads cyber threat intelligence at Chainalysis, says this is because ransomware attacks promise massive profits with often minimal repercussions.
“Newcomers are lured by the promise of lucrative returns, the low barriers of entry,” she said.
The numbers show that a significant portion of successful ransomware attacks stems from the sheer volume of individuals attempting to breach businesses likely to pay up. This means that the reason why so many companies fall victim to ransomware attacks isn’t because a lot of hackers are coming up with increasingly inventive and sophisticated methods to infiltrate victims’ computers (though some do).
A big reason why victims choose to pay the ransom is because it often proves to be a less expensive alternative than defying the demands of hackers. The Treasury Department has made efforts to combat this by imposing sanctions on certain ransomware groups and cryptocurrency firms alleged to facilitate the laundering of their proceeds, which has made it legally harder for victims to pay the ransom under specific conditions.
However, paying a ransom typically doesn’t typically breach legal boundaries. If you’re looking to protect yourself from a ransomware attack, check out the top ransomware programs we tested here.