It has been reported that last year was the worst on record for cryptocurrency payments received by ransomware groups. According to the Chainalysis Crypto Crime Report for 2024, published on February 7, crypto-criminals have finally broken the elusive $1 billion in ransomware barrier for ransoms paid in a single year. Big game hackers played a significant role in beefing up the ransom demands, although they are not solely responsible for this watershed moment in the sad history of ransomware successes. This discovery by Chainalysis sheds light on what it means for the year ahead when it comes to this particular genre of cybercrime activity.
The $1 Billion Ransomware Payment Barrier Smashed In 2023
Blockchain analysts for Chainalysis tallied up the totals in paid ransoms using crypto-currency for 2023 and found it had broken the $1 billion barrier for the first time, reaching $1.1 billion. This compares to $567 million across 2022, a flagship year for law enforcement takedowns. The 2021 total is more comparable as it reached $983 million then. Indeed, the trend line for ransomware payments since 2019 is undoubtedly on an upward trajectory overall.
Most worryingly, the Chainalysis report expects things to get worse, much worse. “The ransomware landscape is not only prolific but continually expanding, making it challenging to monitor every incident or trace all ransom payments made in cryptocurrencies,” it says, continuing, “It is important to recognize that our figures are conservative estimates, likely to increase as new ransomware addresses are discovered over time.” As to how much that readjustment might be, the totals for 2022 were eventually revised upward by 24.1%.
Ransomware On The Rise For 2024
Much of this upward trend for ransom payments has been driven by what is known as a big game hunting strategy. These big game hackers, perhaps best exemplified by the Cl0p ransomware group, choose bigger targets with average ransoms above $1 million. Although these groups carry out fewer attacks than others, the rewards are great when zero-day vulnerabilities are exploited against a service used by hundreds of large enterprises. Some might argue that such attacks are not ransomware as we know it, but actually, it is just how ransomware is evolving from paying to decrypt your data to paying to stop it from being published or sold instead. “Overall, big game hunting has become the dominant strategy over the last few years,” the report states, “with a bigger and bigger share of all ransomware payment volume being made up of payments of $1 million or more.”
“Whilst ‘Big Game Hunting’ continues to grow,” Brian Boyd, head of technical delivery at i-confidential, says, Ransomware as a Service means targeting smaller organizations with smaller ransoms can become a force multiplier.” Boyd also points out that the ransom paid is just the headline figure regarding the actual cost of an attack, with the bottom line being far greater thanks to the loss of productivity, assets, data and recovery costs.
“One of the biggest problems with ransomware today is how easy attacks are to execute,” Boyd warns, “Criminals have box-packed tools which make it easier than ever for novice criminals to launch devastating attacks.” This means that organizations of all sizes should take notice of this report and, Boyd concludes, use it “as a catalyst to improve their defenses against ransomware; otherwise, with the prevalence of RaaS models, we could be seeing even higher numbers in the year ahead.”