Billion-dollar business sector

According to data from research firm Chainalysis, publicly disclosed ransom payments nearly doubled in 2023, surpassing $1 billion, making last year the year that marked the resurgence of internet extortion.

The actual number is certainly much higher, as not all victims publicly report the incident. However, a rare bright spot is that the ransom amount decreased towards the end of the year. This is the result of efforts to improve cybersecurity capabilities, as well as increased awareness among victims about hackers keeping their promises to delete or return stolen data.

Record ransom amount

While an increasing number of extortion victims refuse to pay ransoms, cybercrime gangs have compensated for this decline by increasing the number of victims they target.

money grab bryce.jpg
Malware attacks are becoming a major problem for companies and businesses.

For example, in the MOVEit hack, the extortion group Clop exploited a series of unprecedented vulnerabilities in the widely used MOVEit Transfer software to steal data from the systems of over 2,700 victims. Many organizations had to pay ransoms to prevent them from publishing sensitive data.

Chainalysis estimates that the Clop group collected over $100 million in ransom, accounting for nearly half of the total value of ransomware attacks during June and July 2023.

Next, in September, the casino and entertainment giant Caesars paid approximately $15 million to prevent hackers from publicly releasing customer data. Notably, the August attack on Caesars went unreported.

Not stopping there, MGM Resorts – a major hotel and resort group – also had to spend over $100 million to "recover" after refusing to pay the ransom. MGM's refusal to pay resulted in sensitive customer data being leaked online, including names, social security numbers, and passport details.

Increased risk

For many organizations like Caesars, paying the ransom is the easier option than resolving the media crisis. However, as victims increasingly refuse to pay, cybercrime gangs are employing more extreme tactics.

For example, last December, hackers targeted a hospital treating cancer patients. Even more sophisticatedly, the Alphv hacking group (also known as BlackCat) used US government regulations on disclosing cyber incidents to extort MeridianLink, accusing the company of failing to report a "major breach of customer data and operational information."

Should ransom payments be banned or not?

Coveware, a company specializing in handling cyber extortion cases, assesses that if the US or any other country issues a ban on ransom payments, companies will almost certainly stop reporting incidents to authorities, reversing the process of cooperation between victim organizations and law enforcement agencies. Furthermore, such a ban would facilitate an illegal ransom payment market.

Meanwhile, some industry experts believe that banning companies from paying hackers would be a long-term solution, although it might lead to an increase in malware attacks in the short term.

Allan Liska, a risk analyst at Recorded Future, argues that if paying ransom remains considered legal, the practice will continue. “I used to be against the idea of ​​banning ransom payments, but things are changing now,” Liska said. “Extortion is on the rise, not only in terms of the number of attacks but also in the nature of the attacks and the gangs behind them.”

(According to TechCrunch)

Many new malware targeting smartphone users will emerge in 2024. In 2024, smartphone users are predicted to face more new types of malware capable of infiltrating, exploiting vulnerabilities, and taking control of their phones, including devices running Android and iOS operating systems.