Billion dollar business sector

Publicly disclosed ransom payments nearly doubled in 2023, surpassing the $1 billion mark, making last year a banner year for internet extortion, according to data from research firm Chainalysis.

The actual number is certainly much higher, as not all victims go public with their cases. However, the rare bright spot is that ransom payments have been decreasing as the year has ended. This is a result of efforts to improve cyber defense capabilities, as well as increased awareness among victims that hackers keep their promises to delete or return stolen data.

Record ransom

While more and more victims of ransomware are refusing to pay ransoms, cybercriminal gangs have made up for the decline by increasing the number of victims they target.

money grab bryce.jpg
Malware attacks are becoming a problem for companies and businesses.

Take the MOVEit hack, where the Clop ransomware group exploited a series of previously unknown vulnerabilities in the widely used MOVEit Transfer software to steal data from the systems of more than 2,700 victims. Many organizations had to pay ransoms to prevent them from publishing sensitive data.

Chainalysis estimates that the Clop group has collected more than $100 million in ransom, accounting for nearly half of the total value of ransomware cases in the period June and July 2023.

Then, in September, casino and entertainment giant Caesars paid about $15 million to prevent hackers from making customer data public. Notably, the attack on Caesars in August went unreported.

Not stopping there, MGM Resorts - a large resort hotel group, also had to spend more than 100 million USD to "recover" after refusing to pay the ransom. MGM's refusal to pay caused sensitive customer data to be leaked online, including names, social security numbers and passport details.

Increased risk

For many organizations like Caesars, paying ransoms is an easier option than dealing with a PR crisis. But as victims increasingly refuse to pay, cybercriminal gangs are resorting to more extreme tactics.

For example, in December last year, hackers targeted a hospital treating cancer patients. Or more sophisticatedly, the hacker group Alphv (also known as BlackCat) used the US government 's cyber incident disclosure regulations to blackmail MeridianLink, accusing the company of failing to notify them of a "severe breach of customer data and operational information."

To ban or not to ban ransom payments?

Coveware, a company that specializes in handling cyber extortion cases, assessed that if the US or any other country issued a ban on paying ransoms, companies would almost certainly stop reporting incidents to authorities and reverse the process of cooperation between victim organizations and law enforcement agencies. Not only that, the ban policy would facilitate the market for illegal ransom payments.

Meanwhile, some industry experts believe that banning companies from paying hackers would be a long-term solution, even though it could lead to an increase in malware attacks in the short term.

Allan Liska, a threat analyst at Recorded Future, said that as long as ransom payments remain legal, the practice will continue. “I used to be against the idea of ​​banning ransom payments, but things are changing,” Liska said. “Extortion is on the rise, not just in terms of the number of attacks, but also the nature of the attacks and the gangs behind them.”

(According to TechCrunch)

Many new malware targeting smartphone users will appear in 2024 In 2024, smartphone users are expected to face more new types of malware that can penetrate, exploit vulnerabilities and take control of phones, including devices running Android and iOS operating systems.