How ransomware could cripple countries, not just companies

/in


The scale of the problem is not easy to measure. Companies that are hacked or pay a ransom are reluctant to own up to it. Rising numbers can reflect better detection rather than more attacks. But what is clear is that, after a lull in 2022, caused in part by a split between Russian and Ukrainian hackers, ransomware attacks are back at their peak. Officials expect that 2023 will turn out to be the worst year on record.

The number of victims is troubling (see chart). In the four months to October the number listed on “leak sites”, where attackers name victims who refuse to pay, was the highest ever recorded, according to Secureworks, a cyber-security firm. Sophos, another such firm, estimates that on average individual ransom payments doubled from around $800,000 in 2022 to more than $1.5m in the first three months of 2023. And Chainalysis, a data company, estimates that ransom payments between January and June 2023 added up to $449m, compared with about $559m for the entirety of 2022. These numbers might reflect just the tip of the problem.

The growing threat from ransomware is occurring amid a shift in the nature of the business. An activity once dominated by a few large criminal groups is giving way to a mosaic of smaller attackers, many of them based in Russia or other ex-Soviet states, who can buy the necessary hacking tools. Western countries are striking back with sanctions and cyber-attacks of their own. Yet this does not seem to have stopped the wave of ransom payments, which is enriching criminal groups—and so potentially exacerbating the problem for years to come.

Ransomware has been mainly a Western problem but it is spreading globally. America, Australia, Britain, Canada and Germany are the most affected countries, but Brazil and India are not far behind them. Victims span the public and private sectors—in recent weeks attacks have hit an Italian cloud-service provider that hosts government data, Germany’s energy agency and a Chinese bank in New York, among others. An attack on Christmas Eve disrupted emergency care at a German hospital network, and attacks on the…

Source…