The total ransomware revenue dropped 40.3% in 2022 as per the recent estimation, with several indicators signaling a drop in victims willing to pay or, perhaps, report payments.
The total funds sent to known ransomware addresses globally fell from $765.5 million in 2021 to $456.8 million in 2022, suggesting that this huge drop is due to an increasing unwillingness on the part of victims to pay ransom demands rather than a decline in the actual number of attacks. Even the victim payment has fallen from 76% to 41%. Indeed, governments’ approach to dealing with ransomware response has continued to evolve.
The U.S. Treasury Department warned that it could act against those who pay ransoms to entities on its sanctions list. In March 2022, Congress passed legislation that requires critical infrastructure entities to report any ransom payments they make. Outside the U.S., the European Union has even tighter legislation on ransomware response, which allows member states to impose fines for paying ransoms under the Security of Network and Information Systems Directive.
As per the latest Gartner report, the percentage of countries passing legislation to regulate ransomware payments fines will rise 30% by the end of 2025 from less than 1% in 2021.
Despite the significant decline in ransomware revenue under tightening legislation over the past year, the implications of regulating ransomware payments are still controversial. This drop might also be due to victims’ unwillingness to report their ransomware payments for fear of legal consequences.
Other factors that drive the reduction in payment fall
- Cyber insurance firms, which usually reimburse victims for ransomware payments, play an essential role in the decrease of ransomware payments.
- Increased investment in resilient backups. Based on which the decision of whether they are forced to pay out of the equation.
- Tightening economic sanctions have made it harder for organizations to pay ransoms to Russian-originated actors.
- A risk-based decision under increasing regulations for ransomware payments and complicated political environments.
This report was released by researchers from chainalysis