Ransomware Operations Are Becoming Less Profitable
-
The article discusses the shifting landscape of ransomware attacks and payments, highlighting a decrease in ransomware payments despite an increase in attacks. Several factors contribute to this trend, including increased cyber resilience of organizations, the availability of decryptors, more frequent law enforcement actions, and disruptions to ransomware gangs.
Chainalysis, a blockchain analysis firm, reports a significant decrease in ransomware attacks involving payments despite the surge in attacks in 2023. This decrease is attributed to various factors, including the professionalization of the criminal underground and lower barriers to entry for deploying ransomware, making it harder to profit from these activities.
Law enforcement victories against ransomware gangs, such as the disruption of the Qakbot botnet and the infiltration and disruption of the LockBit ransomware gang, have had varying effects. While the Qakbot disruption had a short-lived effect, the LockBit infiltration compromised the foundational trust within the LockBit community, significantly undermining its operations and leaving affiliates in disarray.
The 2023 takeover of ALPHV/Blackcat leaks sites and the creation of a decryption tool initially had a small effect on the group's operations. However, BlackCat's exit scam marked a major disruption in the ransomware payment ecosystem, tarnishing the group's reputation and casting doubt on the ransomware-as-a-service business model.
Despite the persistence and adaptability of ransomware gangs and their affiliates, law enforcement disruptions are beginning to show cracks in the ransomware ecosystem. While some disruptions may have a larger initial effect, others may have a greater impact in the long run.
ที่มาแหล่งข่าว
https://www.helpnetsecurity.com/2024/05/07/ransomware-payments-falling/
