Ransomware actors got over $1billion in extorted cryptocurrency payments from victims in 2023.
These actors, who targeted high-profile institutions and critical infrastructure, including hospitals, schools, and government agencies, exploited file transfer software MOVEit for their operations, a report from Chainalysis revealed.
In a snippet of its anticipated, ‘2024 Crypto Crime Report,’ the blockchain firm disclosed that firms like BBC and British Airways were victims of attacks in the year.
Last year’s developments highlighted the evolving nature of cyber threats and their increasing impact on global institutions and security at large. The payments in 2023 have been the highest ever recorded, and according to the firm, it still does not capture the economic impact of productivity loss and repair costs associated with attacks.
The blockchain firm noted that the ransomware landscape is not only prolific but continually expanding, making it challenging to monitor every incident or trace all ransom payments made in cryptocurrencies. “It is important to recognise that our figures are conservative estimates, likely to increase as new ransomware addresses are discovered over time.
“For instance, our initial reporting for 2022 in last year’s crime report showed $457million in ransoms, but this figure has since been revised upward by 24.1 percent,” the firm said.
Ransomware is a type of malicious software that encrypts data, making it inaccessible to the owner. It is when someone else takes files hostage and demands a ransom payment in exchange for unlocking them.
Chainalysis explained that ransomware attacks are carried out by a variety of actors, from large syndicates to smaller groups and individuals, with the numbers on the rise. Allan Liska, Threat Intelligence Analyst at cybersecurity firm, Recorded Future, said. “A major thing we are seeing is the astronomical growth in the number of threat actors carrying out ransomware attacks.”
While threat actors might have had a field day in 2023, the fight against ransomware with collaboration between international law enforcement, affected organisations, cybersecurity firms, and blockchain intelligence also recorded significant victories.
Lizzie Cookson of Coveware pointed out, “The Hive takedown and the BlackCat disruption are both great examples of how the FBI has been prioritizing victims’ assistance, helping victims, and imposing costs on bad actors.”
Nigeria has not been spared in the growth of ransomware attacks, which grew by seven percent year-on-year in the first half of 2023, according to Kaspersky. In 2021, 44 percent of Nigerian firms paid ransomware actors for data breaches, Sophos, a United Kingdom-based cybersecurity solutions firm, revealed.
The Nigerian Communications Commission recently disclosed that the country loses about $500million yearly to cybercrime.