In 2023, ransomware revenues exploded upwards, despite a marked drop in 2022. In its latest study, Chainalysis dives into these figures, which reached a record high last year.
Ransomware revenues explode on the rise in 2023
When it comes to cybersecurity, ransomware is a non-negligible risk for businesses, and the amounts extorted in 2023 reached record highs, according to the latest Chainalysis survey.
So, 2022 had marked a turning point in the trend, but in retrospect it seems more a statistical anomaly than a genuine reversal. And with good reason, the amounts extorted in 2023 came to $1.1 billion, almost double the previous year:
Figure 1 – Annual history of amounts paid to ransomware
For 2022, Chainalysis had tried to explain the drop, among other things, by the choice of companies to no longer give in to the threat in the face of the risk of sanctions. Indeed, such payments could be assimilated to the financing of entities sanctioned by the Office of Foreign Assets Control (OFAC) in the U.S.
Now, the on-chain analysis company blames this drop on the war in Ukraine, and a shift in priorities from these malicious entities to political targets. Nevertheless, these justifications should be taken with a pinch of salt, given that the war is still going on, and the numbers have exploded in spite of everything.
A change of targets?
Beyond the trend, the figures announced should also be treated with a degree of caution, with Chainalysis emphasizing the difficulty of estimating them accurately.
Thus, the company regularly re-evaluates its statistics as it perfects its tools, and it is for this reason, for example, that payments to ransomware in 2022 are estimated at 567 million dollars versus 457 originally.
In addition to the not inconsiderable rise in 2023, however, a change in trend can be observed among targeted companies. Over the years, the operators of such programs have tended to target an ever-increasing number of companies with substantial resources.
As a result, the graph below shows a growing proportion of ransomware payments in excess of one million dollars:
Figure 2 – Evolution of payments of over one million dollars to ransomware
Once extorted, a long process of money laundering can begin, using a variety of means. The following graph shows some interesting data.
Although their use seems to be declining, centralized exchanges remain one of the preferred choices of malicious entities. This is also the case for cryptocurrency mixers, which are back with a vengeance after a slight decline following OFAC sanctions against Tornado Cash, unsurprisingly demonstrating the ineffectiveness of the measures taken at the time:
Figure 3 – Means used to launder extorted funds
Now that the market is on the rise again, it will be interesting to observe the 2024 figures next year to see whether or not they correlate with price trends.
