Search
Close this search box.

As Ransomware Attacks Surge Again, What’s Ahead for 2024?

The author

Stop us if you’ve heard this one before but ransomware is undergoing another one of its periodic surges.

Granted, cybercrime always seems to be on the up—does the media ever report drops in cybercrime?—but this time there’s some hard evidence to back it up.

That ransomware activity for 2023 rose was no surprise with the war in Ukraine causing a temporary drop in activity during 2022. Even so, when assessing activity on leak sites, Palo Alto’s Unit 42 researchers found significant rises in activity across the year.

Another source is Chainalysis, which rates 2023 as ransomware’s “comeback” year. The company estimates that ransoms paid exceeded $1 billion for the first time, a figure it calculates by tracking cryptocurrency payments into and out of the digital wallets used by criminals.

It’s a technique that yields other insights not available by simply polling customers (as most security vendors do) or from official government figures (which only record reported incidents in countries such as the United States). For instance, Chainalysis notes that:

“… threat actors may take weeks, months, or even years to launder their proceeds from ransomware, and so some of the laundering observed in 2023 is from attacks that occurred well into the past.”

Which goes to show that ransomware is a more time-consuming crime than it might appear from the victim’s point of view. Ransomware groups are also going to greater lengths to hide transactions, aware that the techniques used by Chainalysis and others can monitor where payments are going.

That includes obscuring moving money between different blockchains, and using gambling services and exchanges that don’t ask questions about their customers.

“We assess that this is a result of takedowns disrupting preferred laundering methods for ransomware, some [legitimate] services’ implementation of more robust AML/KYC policies, and also as an indication of new ransomware actors’ unique laundering preferences.

The last year also saw even more affiliates piling into ransomware, spurred on by the ease of launching attacks in the age of Ransomware as a Service. Meanwhile, ransomware creators have adopted the idea of rebranding by which they start using different malware strains to confuse detection or re-victimize an old target in a new guise. This is why the number of affiliates conducting attacks appears to grow even as the core group of ransomware makers remains stable.

Ransom Payment Decline

And yet, it’s not one-way traffic. There is also evidence that ransomware is having to work harder to make victims pay the ransoms demanded.

According to Coveware’s Incident Response Team, the number of victims paying up dropped to a record low (in its figures at least) of 29% in Q4 2023. For comparison, Q4 in 2022 was 37%.

On a longer timescale, when the survey began in Q1 2019 the number of victims paying was a remarkable 85%.

The reasons for this growing reluctance? It’s possible that exhortations by governments to convince victims not to pay are finally making some headway. Alternatively—and fa more likely—defenders have simply realized that in an age of data trading, paying guarantees little and have resolved to put ransom pots into recovery instead. That won’t stop ransomware, indeed it might simply encourage attackers to resort to even more desperate methods of persuasion. The most difficult period for ransomware attacks is probably still ahead of us.

Sign Up For Our Newsletter

Don’t worry, we hate spam too!

Get The Latest On Ransomware Right In Your Inbox

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

Is This Your Business?
Get In Touch

Contact Us To Sponsor Your Business Listing & Learn More About The Benfits.

Before You Go!
Sign up to stay up to date with everything ransomware

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

JUST RELEASED: The 2024 State of Ransomware Survey is in.

A REVEALING REPORT FOR IT PROFESSIONALS BY IT PROFESSIONALS

Share via
Copy link
Powered by Social Snap