It is common practice for ransomware gangs to ask victims to pay fees in cryptocurrency. Once purchased and transferred to a private wallet, cryptocurrency can be easily transferred without interference from financial institutions, regulators, or law enforcement. However, since blockchains are publicly accessible ledgers, it is easy to trace cryptocurrency transactions, except in the case of a few privacy-preserving funds designed to obscure transaction information. . By analyzing transactions on the blockchain, researchers, both public and private, can track payments made to ransomware gangs.
Chainalysis has been conducting this type of analysis and publishing its findings for several years in a row, and the company’s latest data shows that ransomware revenue in 2022 fell 40.3% or compared to 2021. to at least $766 million in 2021, which is significantly higher than the $457 million in ransomware payments Chainalysis reported in 2022.
What, then, explains this decrease in ransomware revenue? Chainalysis called upon the expertise of medical professionals and internet researchers to help answer this question. According to Allan Liska in Recorded Future, the monitoring of the combined sites of the ransomware gangs (DLS) has shown a 10.4% drop in ransomware attacks in 2022 compared to the previous year. However, this 10.4% reduction in the number of ransomware attacks does not fully explain the 40.3% drop in revenue collected by ransomware gangs.
Numbers provided by Bill Siegel of Coverware suggest that much of the decrease in ransomware revenue appears to be due to the growing reluctance of ransomware victims to pay fees. Between 2019 and 2022, Coverware observed that the likelihood of ransomware paying a fee would drop significantly from 76% to just 41%. In an attempt to explain the decrease in ransomware victims willing to pay premiums, experts interviewed by Chainalysis pointed to the increasing demands of cyber insurance companies and threats by the US government to impose legal consequences for violating sanctions by paying for ransomware. The threat from ransomware and security in general has prompted companies to look for cyber insurance. At the same time, online insurance companies have encouraged their customers not to pay fees but to implement and rely on comprehensive accounting systems.
We have to see how well the Chainalysis show remains over time, but the situation in the cyber threat space may be looking at the ransomware front.