Why are ransomware gangs making so much money?
For many organizations and startups, 2023 was a rough year financially, with companies struggling to raise money and others making cuts to survive. Ransomware and extortion gangs, on the other hand, had a record-breaking year in earnings, if recent reports are anything to go by.
It’s hardly surprising when you look at the state of the ransomware landscape. Last year saw hackers continue to evolve their tactics to become scrappier and more extreme in efforts to pressure victims into paying their increasingly exorbitant ransom demands. This escalation in tactics, along with the fact that governments have stopped short of banning ransom payments, led to 2023 becoming the most lucrative year yet for ransomware gangs.
The billion-dollar cybercrime business
According to new data from crypto forensics startup Chainalysis, known ransomware payments almost doubled in 2023 to surpass the $1 billion mark, calling the year a “major comeback for ransomware.”
That’s the highest figure ever observed, and almost double the amount of known ransom payments tracked in 2022. But Chainalysis said the actual figure is likely far higher than the $1.1 billion in ransom payments it has witnessed so far.
There’s a glimmer of good news, though. While 2023 was overall a bumper year for ransomware gangs, other hacker-watchers observed a drop in payments toward the end of the year.
This drop is a result of improved cyber defenses and resiliency, along with the growing sentiment that most victim organizations don’t trust hackers to keep their promises or delete any stolen data as they claim. “This has led to better guidance to victims and fewer payments for intangible assurances,” according to ransomware remediation company Coveware.
Record-breaking ransoms
While more ransomware victims are refusing to line the pockets of hackers, ransomware gangs are compensating for this drop in earnings by increasing the number of victims they target.
Take the MOVEit campaign. This huge hack saw the prolific Russia-linked Clop ransomware gang mass-exploit a never-before-seen vulnerability in the widely used MOVEit Transfer software to steal data from the systems of more than 2,700 victim organizations….
