2023 saw a huge increase in cybercriminals using ransomware to extort money from victims. According to blockchain company Chainalysis, victims paid a record $1.1 billion in cryptocurrency to ransomware attackers in 2023. This is 48.45% more than the $567 million paid in 2022 and the highest amount Chainalysis has seen since it started tracking ransomware payments in 2019.
Ransomware is malicious software that locks up a target’s data or systems. The attackers demand ransom, usually in cryptocurrency, to restore access. Sometimes they also threaten to leak or destroy the data if not paid. Chainalysis said ransomware groups were more active in 2023. They targeted high-profile organizations like hospitals, schools, and government agencies. New and complex ransomware versions also emerged. Attackers exploited software vulnerabilities and supply chain hacks.
One factor in the rise in ransomware payments was bitcoin’s performance. Bitcoin is the biggest and most popular cryptocurrency. Its price jumped 59% since September 2022 to $43000. This was driven by a new U.S. bitcoin ETF and hopes for interest rate cuts.
An increasing number of new players were attracted by the potential for high profits and lower barriers to entry, Chainalysis said.
The bitcoin price increase made ransomware more profitable and appealing to cybercriminals. Most demand ransom in bitcoin. Chainalysis said more new players entered, attracted by potential high profits and low barriers. The report also saw a shift in tactics. Attackers focused on extorting large payments of $1 million or more from victims with deep pockets.
Notable Crypto Ransomware Incidents In 2023
One notorious 2023 ransomware group was CL0P, according to Chainalysis. It took in almost $100 million in ransom payments. CL0P exploited the MOVEit file transfer software, hitting hundreds of organizations like government agencies, telecom regulator Ofcom, and Shell.
Another big group was Black Basta. A November report revealed it laundered at least $107 million in bitcoin through Russian exchange Garantex despite sanctions. Black Basta was also behind the MGM Resorts breach that cost over $100 million. Chainalysis said ransomware is a financial and national security threat. Some payments go to rogue states like North Korea, which uses crypto theft for income.
Chainalysis said its figures only cover crypto payments to known illicit wallets. They don’t include productivity losses and repair costs from attacks. Some incidents may also go unreported or undetected. More ransomware wallets likely exist too. The report also didn’t count crypto payments for things like drug deals that could inflate crypto’s role in crime.
Chainalysis concluded ransomware is a growing problem needing a coordinated response from law enforcement, regulators, policymakers, and companies. It urged people to take preventative steps like backing up data, updating software, and using antivirus tools.
Related Reading | Analysts Bullish On Ethereum & Altcoin Market Potential