According to the latest findings, global ransomware profits fell to their lowest level in three years in 2022, 40% lower than 2021's numbers.
Could this be a sign that businesses are wising up to the threat of ransomware, or are cybercriminals pivoting to alternative strategies?
The panic and disruption triggered by Covid-19 proved to be the ideal environment for criminals to exploit businesses and get them to hand over millions. But after years of heightened warnings regarding cybercrime, criminals are now seeing their financial returns from ransomware attacks decline. Dominik Samociuk PhD, Head of Security at Future Processing and a member of the Software Development Association of Poland (SoDA), discusses why ransomware profits are in decline.
Samociuk said: “Obviously, the decline in ransomware profits is a positive sign for the business community, particularly when you take into consideration the harsh economic conditions we continue to navigate. It could be that we are seeing businesses become more vigilant towards potential attacks or criminals are opting for fresher, more harmful tactics they could potentially weaponise.
“Unfortunately, the grim truth is that ransomware attacks do continue to rise. Although revenues are falling, the frequency of attacks is escalating – with 2022 seeing a dramatic increase of attacks by 77% compared to 2021 figures. A flurry of cybercriminal gangs faced arrest in recent years, convicted of targeting bigger, blue-chip businesses and organisations.
“The feeling is that there is a bigger target on your back when attacking larger organisations with the prospect of a higher pay-off. Cybercriminals have now turned their attention to carrying out more frequent attacks, on smaller, less suspecting targets.
“We are seeing a growing number of victim organisations simply refusing to pay the ransomware demands. More organisations are willing to sacrifice any data that may have been stolen in a bid to save themselves financially speaking.”
Although profits are down, ransomware activity continues to burden UK businesses. Samociuk offers guidance on how organisations can better equip themselves if they were to fall victim to ransomware.
“If your organisation comes under attack, the most important step to remember is to not pay the ransom. The reason for this is that it only encourages the criminals to rinse and repeat their actions either on others or yourself once again. Backing up data either off-site or via cloud is essential.
“Swiftly identifying the affected endpoints will be another key area to ensure is covered in the event of an attack. Disconnecting infected endpoints from the network will stop the spread of malicious ransomware affecting other endpoints.”