Ransomware attacks tumbled in 2022, offering hope that the tide was turning against the criminal gangs behind them. Then things got a whole lot worse.
Amid a concerted effort by global law enforcement to crack down on ransomware attacks, payments to hackers and even the volume of attacks fell in 2022. But the trend doesn’t seem to be holding for 2023, and attacks have shot up again.
Data from cryptocurrency tracing firm Chainalysis indicates that victims have paid ransomware groups $449.1 million in the first six months of this year. For all of 2022, that number didn’t even reach $500 million. If this year’s pace of payments continues, according to the company’s data, the total figure for 2023 could hit $898.6 million. This would make 2023 the second biggest year for ransomware revenue after 2021, in which Chainalysis calculates that attackers extorted $939.9 million from victims.
The findings track with general observations from other researchers that the volume of attacks has spiked this year. And they come as ransomware groups have become more aggressive and reckless about publishing sensitive and potentially damaging stolen information. In a recent attack against the University of Manchester, hackers directly emailed the UK university’s students telling them that seven terabytes of data had been stolen and threatening to publish “personal information and research” if the university didn’t pay up.
“We think as a result of their budgetary shortfalls in 2022 we’ve seen these more extreme extortion techniques, ways to kind of twist the knife,” says Jackie Burns Koven, head of cyber threat intelligence at Chainalysis. “In 2022 we were very surprised to find that decline. Then we talked to external partners—incident response firms, insurance companies—and they all said, yeah, we’re paying less, and we’re also seeing fewer attacks.”