In 2023, ransomware hackers set a new record by amassing $1.1 billion in payments, marking a significant recovery from 2022’s $567 million, as reported by blockchain monitoring firm Chainalysis. This resurgence is attributed to the entry of new hackers and several large-scale attacks, contrasting with the previous year’s decline.
Chainalysis’s analysis highlights an escalation in ransomware attacks’ frequency, scope, and volume. A notable trend is the increasing demand for ransoms exceeding $1 million, which constituted 75% of the total payment volume in 2023. This shift towards higher ransom demands underscores the evolving strategy of cybercriminals aiming for lucrative payouts.
A key player in the surge of ransomware payments was the CL0P hacking group, which exploited a vulnerability in MOVEit, a widely used file-transfer service. This exploit led CL0P to dominate ransomware activities temporarily, securing over $100 million in payments and significantly contributing to the total ransomware revenue in mid-2023.
The article also notes the emergence of new ransomware operators, attracted by the high-profit potential and low entry barriers. Operations like Phobos exemplify this trend by providing ransomware access to less sophisticated hackers, facilitating a surge in smaller-scale attacks.
Despite an increase in ransomware activity, there’s a positive shift towards victims refusing to pay ransoms, as observed by cybersecurity provider Coveware. However, the overall rise in attacks, especially those targeting larger entities, has led to a growth in revenue for ransomware gangs, highlighting the ongoing threat of ransomware in the digital landscape.