It seems that 2023 provided a renaissance of sorts for ransomware, as a new report claims diverse strategies among threat actors, and a shift in the threat landscape, resulted in record-breaking extortion sums.
New findings from Chainalysis claim that after a dip in 2022, ransomware gangs surpassed a historic milestone last year by extorting over $1 billion in cryptocurrency payments from victims.
The company says there are multiple factors that contributed to this infamous milestone. First, the Russo-Ukrainian war contributed to the decrease in ransomware activities observed in 2022. Another reason was the FBI’s impactful intervention, as the law enforcement agency successfully infiltrated the Hive ransomware group and prevented more than $210 million in ransom payments from being made.
Positioning for action
However, in 2023, the ransomware landscape evolved, with attacks growing more complex and bigger in scope, the report adds.
The threat actors increasingly utilized zero-day vulnerabilities in their attacks, with the notable example of Cl0p exploiting the MOVEit zero-day. They also diversified their strategies, which included “big game hunting”: going after high-profile institutions and critical infrastructure organizations worldwide that are capable of making significant payments. Among the victims, Chainalysis singled out the BBC and British Airways.
The hackers also developed Ransomware-as-a-Service (RaaS) models that allowed low-skilled affiliates to run devastating ransomware attacks.
Finally, the ransomware ecosystem is fluid, with groups constantly rebranding or overlapping in strain usage. New threat actors emerge almost daily, successfully adapting to regulatory changes and law enforcement actions.