Blockchain analysis company Chainalysis reports that ransomware attackers got over $1 billion in cryptocurrency from victims in 2023, the highest ever and 44.4% more than in 2022. Ransomware is harmful software that locks the victim's data and asks for payment, usually in cryptocurrency, to unlock it.
The report shows some key ransomware trends and developments in 2023, such as:
- The increase in supply chain attacks, which use flaws in common software or services to hit many targets at once. For example, an attack in June 2023 affected over 1000 organizations that used file transfer service MOVEit, including major media, airlines, and banks.
- Attacks on critical infrastructure and public institutions, such as hospitals, schools, and government agencies, create a significant risk to public safety and security.
- New and advanced ransomware groups, use better techniques and tactics to avoid detection and increase their success.
- The growth of RaaS (ransomware as a service,) where hackers create malware and let others use it for attacks, who in turn pay the creators some of the money they receive from the victims.
The report also points out some of the limitations and difficulties of tracking and measuring ransomware activity, such as:
- How ransomware incidents and payments are often underreported and underestimated, as many victims may not reveal or report the attacks or may pay the ransom through other people or third parties.
- How ransomware payment methods and means change and differ, as some ransomware actors may use different cryptocurrencies, services, or techniques to hide or clean their money.
- The lack of international cooperation and coordination among law enforcement, regulators, and private sector actors makes it harder to investigate and prosecute ransomware actors and to get back the stolen funds.
Ransomware can hurt businesses not only technically, but also strategically and operationally, by interrupting their main functions and services and causing huge financial and reputational losses. It is a changing and growing threat that business owners need to be aware of and adapt to.
Businesses can enhance their resilience and readiness against ransomware and reduce the impact and damage of attacks by following strong cybersecurity policies and practices, such as backing up data often, updating systems and software, using Artificial Intelligence and firewall tools, and teaching employees how to avoid phishing and other malicious emails.