Victims Often Pay Less as Ransomware Revenue Drops, Chainalysis Reports
The ransomware actor has managed to extort at least $456.8 million from victims as of 2022, as revealed by Chainalysis in a report published on Thursday. The company pointed out that the estimated amount is less than $765.6 million and that the actual amount needs to be higher considering that the addresses of the crypto controlled by the attackers have not yet been identified.
If we look at the study, the authors stress that “the trend is overwhelmingly clear that ransomware payouts are significantly lower,” of course this finding does not mean that attacks have been reduced, instead they believe that Much of the decline is due to an increasing number of affected organizations outright refusing to pay the actually demanded ransom and not in favor of it. Additionally, Chainalysis also highlights a reported significant increase in unique ransomware strains in 2022, which continues the growth of active strains in recent years. At the same time, most ransomware revenue still goes to a limited set of strains, meaning that “the actual number of individuals who make up the ransomware ecosystem is likely to be much smaller than is believed,” the researchers said. “. In addition, onchain data compiled by Chainalysis also shows a “dramatic drop” in ransomware revenue, as much as 40.3%”. According to the evidence available with the company so far, this decline is due to the process of non-payment of ransom demands from victims and its intransigence, and not a decrease in the number of attempts to withdraw money.
According to Michael Phillips, chief claims officer at cyber insurance firm Resilience, the industry shows there remains a growing threat of claims being filed with ransomware but some factors are driving up extortion attempts such as the war in Ukraine and threats by Western countries. Such groups are subjected to pressure from law enforcement and include arrests and other crimes such as extortion.
Recorded Future Intelligence analyst and ransomware expert Allan Liska reports from the data leak site that between 2021 and 2022, ransomware attacks decreased by more than 10% from 2,865 to 2,566. Of course, experts point to another reason for reaping the revenue that has been reported, and accordingly paying the ransom has become legally risky. With sanctions and threats we have to take the cumulative risk of legal consequences for making people pay. Cyber insurance companies that reimburse ransomware victims are also playing a major role. Liska commented, “Cyber Insurers have actually made a vow to ensure that not only who they will insure, but also who is being used without payment, so it uses insurance payments to ransom its customers.” are much less likely to be allowed to use.
Bill Siegel, co-founder and CEO of ransomware incident response firm Coveware, pointed out that cyber insurance user demand for better security measures is a key driver of less frequent ransom payments and that data shows that victim payments will increase between 2019 and 2022. The rate has dropped from 76% to 41%.
