The state of ransomware in 2023 and how digital currency fuels cyberattacks

With the emergence of ransomware-as-a-service, cybercriminals have made it easier to execute attacks. At the same time, ransomware attacks are also fueled by cryptocurrency as research finds. Considering the rapid growth in the perceived value of cryptocurrency, attackers would demand payment in cryptocurrency such as Bitcoin. And more importantly, it is unregulated and difficult to trace. This can make it challenging for law enforcement agencies to track down the attackers or the funds received as ransom.

Over time, cybercriminals have introduced new techniques to their ransomware attack, including countdown timers, incrementally increasing ransom amounts, and alternative payment platforms. We see double extortion trend emerged in 2021, where attackers steal sensitive data from victims and demand payment in exchange for a promise to not publish or sell the data to other criminals. In 2023, with the ransomware-as-a-service business model taking off and ransomware gangs like LockBit 3.0, Conti, and Lapus$ are making news headlines, organizations will experience an increased frequency of ransomware attacks with new tactics.

Attackers have also expanded their targets to include larger operational systems, such as hospital networks and transportation service providers. Education (15%), municipalities (12%), healthcare (12%), infrastructure (8%), and financial (6%) are the dominant targets found by a cloud-first security solution provider. As more devices become connected to the internet, we can expect to see ransomware increasingly targeting beyond just computers and servers in the future.

While paying the ransom may unlock…