Jul 12 – Early 2023 data indicates that ransomware activity is on track to upend previous records, concerning experts. Analysts report that, as of last month, ransomware attackers have extorted $449.1 million from organizations.

“Big game hunting” appears to be the driving force behind ransomware attackers’ revenue increase, as cyber criminals have resumed extortion of large enterprises that can (and will) turn over huge sums in ransom payments.

The ransomware gangs known as BlackBasta, LockBit, ALPHV/Blackcat and Clop are leading the pack when it comes to demanding and receiving these unprecedentedly high sums. Clop has an average payment size of $1.7 million, with a median payment figure of $1.9 million.

Higher ransoms

Experts believe that with the general decline in organizations’ willingness to pay a ransom, threat actors could strategically elevate their ransom demands. This change in business model would allow adversaries to compensate for losses via substantial payments from the few that give in to demands.

“If this pace continues, ransomware attackers will extort $898.6 million from victims in 2023, trailing only 2021’s $939.9 million,” said a spokesperson from blockchain analytics firm, Chainalysis.

Ransomware and conflict

In 2022, the Russia-Ukraine war may have been a contributing factor to the decline in ransomware attacks and ransom payments. For example, the Conti ransomware group stopped operating after declaring support for Russia.

It is thought that the conflict displaced ransomware operators and diverted their attention away from lucrative ransom opportunities.

For more ransomware insights from CyberTalk.org, please click here. Lastly, to receive more timely cyber security news, insights into emerging trends and cutting-edge analyses, please sign up for the cybertalk.org newsletter.