Ransomware Gangs See Profits Crater As Cyber ​​and Government Insurers Struggle

Last July, we wrote a report published by Coverware which found that the dollar value of the ransom of ransomware is down to the bottom starting in Q1 2022 and continuing in Q2 of the same year. However, we are not sure whether this reduction in the cost of individual payments will be reflected in the amount of revenue collected by ransomware gangs, as the amount of ransomware payments can be large. resulting in the same or greater amount of income before this decline. . The chances of the ransomware gangs maintaining or increasing their profits are likely to be, giving double in the number of ransomware attack each in the last two years. Fortunately, it looks like we may have been more skeptical of the ransomware situation, as blockchain research firm Chainalysis has published data from its upcoming Crypto Crime Report 2023 showing that the amount of money ransomware gangs earn from collecting payments has decreased over the past year. .

It is common practice for ransomware gangs to ask victims to pay fees in cryptocurrency. Once purchased and transferred to a private wallet, cryptocurrency can be easily transferred without interference from financial institutions, regulators, or law enforcement. However, since blockchains are publicly accessible ledgers, it is easy to trace cryptocurrency transactions, except in the case of a few privacy-preserving funds designed to obscure transaction information. . By analyzing transactions on the blockchain, researchers, both public and private, can track payments made to ransomware gangs.

Chainalysis has been conducting this type of analysis and publishing its findings for several years in a row, and the company’s latest data shows that ransomware revenue in 2022 fell 40.3% or compared to 2021. to at least $766 million in 2021, which is significantly higher than the $457 million in ransomware payments Chainalysis reported in 2022.

As Chainalysis has clarified, the amount of revenue collected by ransomware gangs each year is likely to be higher than the number published by the company, as Chainalysis cannot confirm all known cryptocurrency addresses used by ransomware gangs. Since publishing the Crypto Crime Report last year, Chainalysis has attributed $164 million more in cryptocurrency transactions to ransomware payments in 2021. The total in 2022 will be almost just go up from where it is now. However, due to the significant difference between last year and this year, Chainalysis still thinks that there is value in the story that its figures indicate, the income from ransomware fell in 2022 compared to the previous two years. The company also consulted Michael Philips, Chief Claims Officer at online insurance company Resilience, who told Chainalysis that the online insurance industry is also seeing evidence that the number of ransomware attacks are lower than expected.

What, then, explains this decrease in ransomware revenue? Chainalysis called upon the expertise of medical professionals and internet researchers to help answer this question. According to Allan Liska in Recorded Future, the monitoring of the combined sites of the ransomware gangs (DLS) has shown a 10.4% drop in ransomware attacks in 2022 compared to the previous year. However, this 10.4% reduction in the number of ransomware attacks does not fully explain the 40.3% drop in revenue collected by ransomware gangs.

Numbers provided by Bill Siegel of Coverware suggest that much of the decrease in ransomware revenue appears to be due to the growing reluctance of ransomware victims to pay fees. Between 2019 and 2022, Coverware observed that the likelihood of ransomware paying a fee would drop significantly from 76% to just 41%. In an attempt to explain the decrease in ransomware victims willing to pay premiums, experts interviewed by Chainalysis pointed to the increasing demands of cyber insurance companies and threats by the US government to impose legal consequences for violating sanctions by paying for ransomware. The threat from ransomware and security in general has prompted companies to look for cyber insurance. At the same time, online insurance companies have encouraged their customers not to pay fees but to implement and rely on comprehensive accounting systems.

We have to see how well the Chainalysis show remains over time, but the situation in the cyber threat space may be looking at the ransomware front.