More than $1 billion USD was paid to cybercriminals in 2023, according to a report by blockchain data platform Chainalysis. The figure is the highest ever recorded, doubling the previous year’s $567 million in a “watershed” year for ransomware. The findings point to an escalating ransomware problem and a difficult cyber landscape.

Report Findings Explained

Ransomware payments to cybercriminals were $983 million USD in 2021, $567 million in 2022, and $1.1 billion—almost $1.5 billion CAD—in 2023, Chainalysis found. Although 2022 witnessed a drop, this could have been caused partly by Russia-based threat actors’ focus on the conflict in Ukraine that year. Regardless, Chainalysis’s figures suggest an upward trend in ransomware payments over time. Moreover, 2023 saw increased frequency, scope, and volume of attacks.

Additionally, “big game” ransom payments—those sought by threat actors conducting fewer attacks for bigger paydays—continue to grow, accounting for less than 60% of ransom payments in the second half of 2021, but more than 80% in 2023.

Reasons Behind Escalating Ransomware

The cyber landscape continues to evolve as threat actors adjust their tactics to find new ways to exploit victims.

“The growth of ransomware revenue is disappointing following the sharp declines we covered last year [2022] and suggests that perhaps ransomware attackers have adjusted to organizations’ cyber security improvements,” said Chainalysis in a recent blog post.

Additionally, ransomware-as-a-service (RaaS) and the availability of hacking tools make it easier for cybercriminals to launch attacks. Specifically, RaaS—a business model where threat actors pay to access malware and ransomware tools—has lowered the barrier to entry, meaning that less sophisticated criminals can now find ways to extort victims. Threat actors are also increasingly targeting zero-day vulnerabilities—known system vulnerabilities that have yet to be patched—as demonstrated by the MOVEit breach that hit thousands of organizations last year.

Next Steps

Organizations should review their cybersecurity measures to protect themselves from ransomware and other cyber threats. Moreover, organizations must implement robust cybersecurity defences to lessen the chance of losses, including strategies to reduce the likelihood of malicious content reaching devices and networks. Additionally, organizations should keep up-to-date backups to enable swift restoration in the event of a breach. Above all, cyber insurance can help protect organizations from the devastating consequences of cyberattacks.

Contact us today for further guidance and insurance solutions.