Ransomware attacks in 2023 set a new record, with hackers amassing over $1.1 billion from victims, according to blockchain monitoring firm Chainalysis. This figure marks a significant increase from 2022, when ransomware payments totalled an estimated $567 million. The surge in 2023 is attributed to an influx of new hackers and several major attacks that resulted in millions in payments.
Chainalysis arrived at the $1.1 billion estimate by tracking cryptocurrency payments to digital wallets associated with hacking groups. The firm noted a major escalation in the frequency, scope, and volume of attacks in 2023. Some ransomware groups have shifted their focus to extracting payments exceeding $1 million, rather than settling for six-figure sums. Jackie Burns Koven, Chainalysis's head of threat intelligence, revealed that 75% of the overall ransomware payment volume in 2023 came from payments of $1 million or more.
The hacking group CL0P significantly contributed to the increase in ransomware payments in 2023 by exploiting a previously unknown vulnerability in MOVEit, a widely used file-transfer service. This campaign allowed CL0P to become the most prominent strain in the ransomware ecosystem for a time, amassing over $100 million in ransom payments and accounting for nearly half of all ransomware value received in June and July.
Data from 2023 also suggests that new players are joining the ransomware landscape, attracted by the potential for high profits and lower barriers to entry. In contrast, 2022 was likely an off year for ransomware due to Russia's invasion of Ukraine, which disrupted the cyber activities of hackers in both countries.
Ransomware actors intensified their operations in 2023, targeting high-profile institutions and critical infrastructure, including hospitals, schools, and government agencies. Major ransomware supply chain attacks were carried out, impacting companies ranging from the BBC to British Airways.
The overall trend line from 2019 to 2023 indicates that ransomware is an escalating problem. The ransomware landscape underwent significant changes in 2023, marked by shifts in tactics and affiliations among threat actors, as well as the continued spread of Ransomware-as-a-Service (RaaS) strains and swifter attack execution.
The record-breaking $1.1 billion in extortion payments in 2023 was a result, in part, of the sheer number of ransomware attacks. Cybersecurity firm Record Future counted 4,399 ransomware attacks last year, based on news reports and ransomware gangs' public listings of victims on their dark-web sites.
Despite the increasing threat of ransomware, law enforcement had some wins in 2023. The Department of Justice announced that the FBI seized several websites that belonged to the Alphv/BlackCat group, one of the most active threat groups in 2023. However, the escalating problem of ransomware attacks underscores the need for continued vigilance and improved cybersecurity measures.
Comments