Study: Cybercriminals’ revenue from extortion attacks is falling

study
Cybercriminals using extortion attacks are losing revenue

Cybercriminals’ revenue from extortion attacks has fallen by 40 percent in the past year, despite an increase in the number of attacks globally. This is the result of a study by the US cryptocurrency specialist Chainalysis, which was published in New York on Thursday (local time). The decline is due to the fact that more and more victims of so-called ransomware attacks refused to pay the ransom.

In ransomware attacks, criminal hackers penetrate IT systems, steal sensitive data and then lock their victims out with encryption technology. A ransom in the cryptocurrency Bitcoin is then usually demanded. Hackers often threaten to publish or sell stolen data. According to Chainalysis’ research, criminal ransomware groups extorted at least $457 million from their victims in 2022 – $311 million less than the year before.

Controlled attacks from Russia?

Recent victims of ransomware attacks include the city of Potsdam, the University of Duisburg-Essen, the British Post Office and the Canadian children’s hospital Sick Kids. It is believed that many ransomware groups are based in Russia. However, Russian authorities deny that the country is a safe haven for these groups. Experts also assume that many ransomware attacks are launched from North Korea.

Since the target addresses of the Bitcoin exchanges (wallets) are known in the blackmail attempts, the analysts at Chainalysis are able to track the money flows on the publicly accessible Bitcoin database (blockchain). Since 2019, the proportion of blackmailed victims who actually pay the ransom has fallen from 76 percent to just 41 percent. In a number of countries, the payment of ransoms has now become “legally more risky”, also because it could be associated with a possible violation of US sanctions against Russia and North Korea.

Blog entry Chainalysis

dpa