Ransomware revenue decreases in the middle of less successful blackmail attempts: chain analysis
Ransomware revenue decreases in the middle of less successful blackmail attempts: chain analysis
2022 was a turbulent year. A good thing is that the ransomware income has decreased significantly.
attacks on the crypto industry are still widespread. However, data indicates that victims increasingly refuse to pay ransomware attackers. The blockchain analysis company Chainalysis illuminates the changing dynamics in the ransomware industry in a new report.
zooming in ransomware attacks 2022
It turned out that over 10,000 unique tribes were active in the first half of the year alone-a trend that was also confirmed by on-chain data. In comparison, around 5,400 unique tribes were registered as active in the same period of 2021. The number of active tribes has increased significantly in recent years, but a large part has been to a small group of tribes at a certain point in time.
The lifespan of ransomware decreased in 2022. In fact, it was found that the average ransomware tribe was only active for 70 days compared to 153 in 2021 and 265 in 2020. Most attackers forward the extensed funds to central cryptocurrency exchanges. This number rose from 39.3 % in 2021 to 48.3 % in 2022.
On the other hand,incorrectly acquired funds that were transferred to risky stock exchanges fell from 10.9 % to 6.7 %. A similarly declining trend was observed when using illegal services such as Darknet markets for ransomware money laundering. However, the use of coin mixer has risen from 11.6 % to 15.0 %.
less frequent ransom payments
chainalysis stated that the estimate for the total revenue from ransomware in 2022 from $ 765.6 million in 2021 dropped by $ 40.3 % to at least $ 456.8 million in 2022. The decline is significant and showed an increasing unwillingness of the victims to pay ransomware attackers, and no decline in the actual number of exploits.
Michael Phillips, Chief Claims Officer of the cyber insurance company Resilience, claims that ransomware continues to be a large cyber threat to companies and companies, noted:
"However, there are signs that significant disorders against ransomware actor groups lead to less successful extortion attempts than expected."
Especially in the past four years, the probability that victims will pay a ransom have changed dramatically. An analysis carried out by Bill Siegel, CEO of the Ransomware Incident Response company Coveware, showed that the victim payment rates fell from 76 % in 2019 to 41 % in 2022.
This shift is due to the fact that the payment of ransoms has become legally risky, especially after the recommendation issued by the Office of Foreign Assets Control (OFAC) in September 2021 for possible sanctions when paying soldering.
Another important factor that plays a crucial role in the development of the trend is the reimbursement of victims of ransomware attacks by cyber insurance companies. Phillips emphasized that companies have to meet strict cyber security and backup measures in order to be insured against ransomware. The demand for better cyber security measures has made it possible for companies to recover from attacks instead of giving in to ransom demands.
"An increased focus on underwriting against factors that contribute to ransomware has led to lower incident costs for companies and contributed to a declining trend in extortion payments."
.
Kommentare (0)