At the very beginning of 2023, we wrote that the past year 2022 has become much less profitable for hackers than previous years. At the time, analysts explained this as the world getting used to ransomware, adapting to the new reality, and hacked companies stopping paying ransoms to decrypt their data. Instead, attack victims turned to security professionals for help and invested in protecting their systems. However, by all accounts, this was a statistical error, because a year later we are faced with a completely different situation.

They looted recorded

According to the Chainaliz report, attackers have “stepped up their operations” targeting large institutions, hospitals, schools and government organizations. Acquisitions nearly doubled last year to $1.1 billion from $567 million in 2022.

Hacker “earnings” statistics from 2019 to 2023 / Photo: Chainalytics

According to cybersecurity firm Emsisoft, 46 US hospital systems were directly affected by ransomware in 2023 and experienced outages due to lack of access to IT systems and patient data. In 2022, the number of such cases was 25, and in 2021 it was 27. However, schools were the most affected, with 108 cases recorded.

Although a significant reduction in payments in 2022 was initially seen as a ray of hope, we now see that this is in vain. Now Chainalytics largely attributes the past decline in activity to the war in UkraineIncreased significantly in 2022. Company Russian occupation “Not only has it disrupted the activities of some cybercriminals, it has also shifted their focus from financial gain to espionage and politically motivated cyberattacks aimed at creating disruption.”. Additionally, many ransomware programs are based in Russia and Ukraine. It is therefore likely that many cybercriminals will be released and some will join the military. Now that hackers have adapted, they have gone back to their old ways.

Threat intelligence company Recorded Future reported this outlook 538 new ransomware variants in 2023. Major criminal organizations are now focusing more on high-value organizations to demand higher ransoms. Additionally, the use of ransomware as a service (RaaS) has increased significantly. This allows people with less technical knowledge to actually rent the virus by paying a certain amount to the developer of the encryption program.