Ransomware Attacks, Payouts are Declining
Good news is often hard to come by, so enjoy this while you can: ransomware attacks are actually declining – at least that’s what the data are telling us.
Across the United States and the United Kingdom, organizations and governments are touting the accomplishment of a net decrease in ransomware attacks between 2021 and 2022. And while headlines highlighted various attacks on schools and organizations, the prevalence of cyber attacks of this nature has actually shrunk by 61%, according to data from Delinea.
That survey also found that the number of companies paying the ransom dropped from 82% to 68%, according to Security Magazine – citing the possibility that this might be the impact of widespread efforts to raise awareness by government agencies like the FBI. Per Coveware, a cyber-intelligence firm, the number of victims who chose to pay a ransom was 76% in 2019; in 2022, that number dropped to 41%.
According to an article from Bleeping Computer, this is partially because victims realize that paying the ransom doesn’t guarantee the return of files. In addition, the attacks don’t have the same negative impact on public perception as they used to, and companies are simply better equipped to handle them – both on a technical level and a PR one.
The US and British governments have worked to crack down on threat actors, potentially contributing to the overall drop, according to a press release. Through economic and financial sanctions and travel bans levied against threat actors, the governments are making a concerted effort to slow the impact of ransomware, according to the release.
The Justice Department in the US has declared a victory in a battle against the Hive ransomware variant via a “21st century cyber stakeout” – wherein the DOJ swiped decryption keys and passed them to the victims to “free them from ransomware,” according to a statement from Deputy Attorney General Lisa Monaco.
“For months, we helped victims defeat their attackers and deprived the Hive network of extortion profits,” Monaco remarked earlier this year. “Simply put, using lawful means, we hacked the hackers.”
The overall decrease in ransomware profits totaled about 40% — a significant drop from the record-breaking $765 million according to a report from Bleeping Computer. However, the total value of $457 million received by attackers in 2022 is still significantly higher than the pre-pandemic $174 million in 2019.
But in a world where threats are getting far more complex, it’s easy to ignore the good news… and that might not be a bad thing, according to a column from CISO Tyler Farrar of Exabeam in Dark Reading.
“Ransomware gangs are like weeds. When one is taken down, others pop up in its place. The biggest takeaways that security professionals should learn from the government’s initiatives to stop Hive are that collaboration, with the right security tools, training, and incident-response plans, are key,” he wrote. “By taking the time to learn from RaaS groups and making the right security investments, security teams will be able to have the upper hand.”