A Refusal to Pay Ransom Sinks Ransomware Profits in 2022
Category: Ransomware News | Industry: Global | Level: Strategic | Source: BleepingComputer
Ransomware profits were at record highs in 2020 and 2021 with threat actors pocketing $765 million and $766 million respectively in those years. However, profits dropped significantly in 2022, by approximately 40% to $457 as organizations refrained from paying ransoms to cybercriminals. The data gathered to illustrate the decline in ransomware profits was shared by blockchain analytics company, Chainalysis. Additional insights from the statistics showed in 2019 a high percentage (76%) of victims had paid their ransoms. Although the willingness of victims to pay, dropped to 70% in 2020, 50% in 2021, and to 41% in 2022. Three factors were identified to be driving the change in handling ransom payments. Firstly, the devious nature of cybercriminals not guaranteeing the return of the victim's files. Second, public perception of ransomware attacks has changed, lessening the damage to brand reputation. Lastly, technological improvements from organizations displayed improved procedures for the management of backups and restoration of IT infrastructure. Despite the change in victim mentality, the threat of ransomware attacks will not slow down. Ransomware gangs LockBit, Hive, Cuba, BlackCat, and Ragnar were able to consistently add to their victim profile, and new formidable ransomware gangs such as Royal, BlackBasta, and Play have emerged in 2022.