Ransomware is Getting Less Lucrative

Image Credit: iStock Images, dusanpetkovic

Sign up for smart news, insights, and analysis on the biggest financial stories of the day.

Cyber bandits are feeling less and less like the slick Ocean’s 11 crew and more and more like an ill-fated Robert De Niro at the end of Heat.

Why? According to new research from Chainalysis, it’s because an increasing number of would-be victims are refusing to pay up to escape the ransomware traps that have rocked the corporate world in recent years.

Cybercrime and Punishment

Life was good for cybercriminals in 2019, 2020, and 2021. Companies big and small were increasingly online — especially as the pandemic gripped the world and reshaped office practices. That meant they were storing and sharing large amounts of juicy data and highly-sensitive information, essentially leaving their electronic front door wide open. Meanwhile, cybersecurity and cyber insurance firms were just exiting the “niche” stage of their business life cycles, and the burgeoning wild, wild, west of cryptocurrencies provided the perfect mechanism for doing massive amounts of crime.

But the world soon caught up to these uniquely 21st-century villains. Governments the world over discouraged companies from making ransom payments, and US officials levied steep sanctions against cryptocurrency companies that allegedly facilitate illegal activities. Global criminal investigations hunted down alleged members of the REvil and Darkside hacker gangs, two major repeat offenders, while Insurance companies have grown far more stringent over covering payout claims. It’s all put a significant dent in the once-lucrative line of cybercrime:

  • Ransom payments, which are almost always completed using bitcoin, fell from around $766 million in 2021 to around $457 million in 2022, a roughly 40% decrease, according to the forensic blockchain investigation results published by Chainalysis on Thursday.
  • “We believe that much of the decline is due to victim organizations increasingly refusing to pay ransomware attackers,” the report said. Just 41% of victims in 2022 ponied up the ransom, down from 76% in 2019, according to data from ransomware security firm Coveware seen by Chainalysis.

Bit by Bitcoin: Even still, the number of attacks continues to be on the rise. The number of ransomware strains in circulation boomed to over 10,000 in the first half of 2022, according to Fortinet research quoted by Chainalysis. And hackers are increasingly ditching the big-game hunting targets — such as major corporations, government networks, as well as hospitals and schools — in favor of often much more vulnerable small businesses. Remember: when the IT department’s 2FA mandates fail, there’s always the simple art of negotiation.