In 2023, the ransomware landscape saw an escalation in the scope, volume, and frequency of attacks, which cost $1.1 billion in cryptocurrencies. This is as per the 2024 Crypto Crime Report by Chainalysis. The report also pointed out that big game hunting, (where malicious actors aim to collect larger payments when successful), had become the winning strategy with over 75% of ransomware revenue made up of payments of $1 million or more.
Jackie Koven, Chainanalysis Head of Cyber Threat Intelligence said there has been significant losses that businesses incur due to productivity losses and remediation costs associated with the attacks. As an example, even though it didn’t pay out any ransom, MGM estimated the losses due to the attack it suffered last year to be in excess of $100million,” explained Koven.
She added the importance of understanding the ransomware ecosystem, identifying potential attackers, and also disassembling the mechanisms that empower them to carry out their attacks is important. Koven stated due to the globally distributed nature of these attacks, there is a need for a concerted effort between law enforcement agencies, governments, and technology providers to support organisations.
Chainalysis researchers stated in 2023 there were numerous new entrants and offshoots of ransomware strains. The ecosystem is widened by the growing popularity and ease of access to Ransomware as a Service (RaaS), in which outsiders known as affiliates can access malware to carry out attacks in exchange for a share of profits to the strain’s core operators.
Koven said, “The growth of initial access brokers (IABs) has made it easier for bad actors to carry out ransomware attacks. As their name would suggest, IABs penetrate the networks of potential victims, then sell that access to ransomware attackers for as little as a few hundred dollars. IABs combined with off-the-shelf RaaS, means that much less technical skill is required to carry out a successful ransomware attack. We found a correlation between inflows to IAB wallets and an upsurge in ransomware payments, suggesting monitoring IABs could provide early warning signs and allow for potential intervention and mitigation of attacks.”
