Cybercriminals are making less money from ransomware attacks as victims increasingly refuse to pay ransom demands.
Analysis by cryptocurrency and blockchain company Chainanalysis suggests that ransom payments dropped 40% last year, from $765.6 million in 2021 to $456.8 million in 2022.
in the meantime, Cybersecurity Researcher at Coveware It also suggests that the number of victims paying ransoms has dropped significantly in recent years, from 76% of victims in 2019 to 41% of victims in 2022.
Numbers don’t and can’t explain everything ransomware attack But researchers suggest the pattern is clear. That means fewer victims responding to extortion demands, and the Ransomware gang as a whole finds it harder to monetize their attacks.
But that doesn’t mean the threat of ransomware attacks has diminished. Cybercriminals are still breaking into networks and encrypting data. Cause disruption to business, infrastructure and routine services — Ransomware gangs still divulge stolen information in retaliation, even if victims don’t comply with ransom demands.
According to Coveware, there are several reasons for the decrease in the number of ransom payments.
The first is that the organization has improved. Cybersecurity strategy and incident response planinvestment in protection such as Backup software and hardwareso if you fall victim to a ransomware attack, you have a means of retrieving your data without succumbing to extortion demands.
And if a company has invested in a good cybersecurity strategy, it means that even in the event of a successful attack, they are well prepared to deal with the impact.
“Companies with better self-defense capabilities don’t succumb to attacks as often. Companies with well-executed incident response processes are less likely to be severely impacted when an attack succeeds.” (which can lead to ransom payments),” said Coveware. researcher.
Researchers suggest that a second reason for the decline in ransom payments is a change in law enforcement approach. Law enforcement agencies have moved from focusing on stopping and arresting cybercriminal activity to directly assisting victims of attacks. Providing advice and support How to make sure your network is as robust as possible against cyberattacks.
A third reason for the decline in ransom payments is the self-sufficiency cycle. As fewer and fewer victims pay the ransom, it becomes harder for ransomware gangs to make money. This means that some groups are forced to stop because they are not getting a return on their time and effort.
“Ultimately, fewer cybercriminals can make a living distributing ransomware, and ultimately fewer attacks,” said Coveware.
Declining ransom payments would be welcomed by many, but it doesn’t mean ransomware is no longer a threat. Even if the number of victims who refuse to pay the ransom increases, Organizations Still Hit by Ransomware Attacks.
First of all, chaos ensues when you are locked out of your files and servers during a ransomware attack. related to critical infrastructure or healthcarecan have devastating and long-term effects on those who rely on those services.
In addition, Many ransomware operations are now involved in what are known as ‘double extortion’ attacksis also where cybercriminals use the network access they gain to plant ransomware and steal sensitive information.
According to the analysis of An underground forum of cybersecurity researchers from Group-IBdark web data breaches following ransomware attacks increased 22% last year.
An increase in data breaches may be related to an increase in victims who are unwilling to pay the ransom. Cybercriminals are releasing stolen information in retaliation. In any case, it is well known that cybercriminals take money to release information..
While ransomware remains a significant cybersecurity threat to organizations, there are strategies that can be implemented to make it more difficult for ransomware gangs and other cybercriminal groups to infiltrate networks and profit from attacks.
User protection multi-factor authentication (MFA) goes a long way to stopping hackers from breaking into your network, even if they know the correct password. Proper use of MFA not only prevents cybercriminals from exploiting stolen login credentials, but it also lets you (and your security team) know that your password has been guessed or stolen.
Organizations also need to ensure that security patches and updates are applied in a timely manner to prevent attacks by cybercriminals. Exploit vulnerabilities with known fixes To access your account or network.
https://www.zdnet.com/article/fewer-ransomware-victims-are-paying-up-but-theres-a-catch/#ftag=RSSbaffb68 There are fewer paying ransomware victims.But there are pitfalls