The cost of ransomware goes down as victims refuse to pay up
While ransomware attacks continue to be a major concern for many businesses, there is light at the end of the tunnel: a new report shows an increasing number of victims refusing to pay the ransom. The cost of ransomware attacks fell significantly in 2022, and not because the number of attacks declined.
Blockchain research firm Chainalysis estimates that the share of ransomware victims paying extortion money has fallen from 76% to 41%.
According to data from Chainalysis, miscreants made a total of $765.6 million from their victims in 2021. The number fell to $456.8 million in 2022, representing a 40.3 percent drop. “The evidence suggests that this is due to victims' increasing unwillingness to pay ransomware attackers,” the report read.
However, these numbers are only estimates from publicly available records. Some cryptocurrency sites run by attackers are yet to be flagged on the blockchain and are therefore not included in the Chainalysis data.
One reason that has been identified as discouraging companies from paying ransoms is legal consequences. Many governments now have regulations in place that prohibit businesses from paying ransoms.
Additionally, cybersecurity insurance companies that previously compensated companies after they paid a ransom have become stricter about whom they insure and how the insurance money can be used. Insurance companies also now require proof that a business is employing the right protection and response strategies to protect itself from attacks.
“With controls such as viable and tested backups, employee training on phishing emails, and the systematic deployment of MFA, many businesses have either thwarted ransomware attacks or significantly reduced the severity of a ransomware incident by having a recovery strategy that does not include making the extortion payment,” says Theresa Le, chief claims officer at a cyber-insurance company for SMBs.
Another reason discouraging victims from paying up is the inherent risk it carries. Paying a ransom does not guarantee that the attacker will hold up their side of the bargain. It’s not uncommon for attackers to receive a ransom and still sell the stolen data.
Still, the report may be skewed, since some businesses will pay a ransom but won’t admit it.
"Victims' unwillingness to disclose a ransomware payment to the public has always been an important factor when it comes to understanding the number and success of ransomware incidents," Scott Scher, senior cyber intelligence analyst at Intel 471, says.