February 8, 2023

It may be that the golden age of information piracy in exchange for ransom has ended after these operations have seen widespread growth and high profits as actors face more resistance.

Ransomware operations that have caused billions of dollars in damage are taking place around the world by hacking into the network of a company or institution and encrypting their data so that they can no longer access it and use their computers, so the extortionists demand a ransom in exchange for providing the victim with a key decryption to restart the network.

“I don’t know if we have reached the peak, but the growth (of this phenomenon) is declining,” Guillaume Poupart, director general of the French National Agency for the Security of Information Systems, told French parliamentarians last December.

Since then, several indicators have emerged that confirm the decline in the effectiveness of predominantly Russian-speaking ransomware groups.

Data released by the public prosecutor’s office in Paris, which has jurisdiction over all French territories in cases of this type, shows that the number of ransomware investigations has fallen to 420 after it increased from 17 in 2019 to 496 in 2021.

On a global level, amounts paid by victims to hackers decreased by 40.3 percent in 2022 to $456.8 million, the lowest level in three years, according to data released Thursday by U.S. company Chainalysis. specializes in the study of cryptocurrency payments.

“That number seems reasonable,” said Jerome Biva, cybersecurity partner at consulting firm Viviston, as large companies are better protected from the threat of ransomware and it has become “easier” to attack them. He noted that these operations are currently focused on “smaller targets” such as small or medium-sized companies, local governments and hospitals.

The same spokesperson explained that attacks on these sites are much less profitable for attackers, given that their options are limited or they cannot pay, as is the case with government agencies. But he explained that the lead time for an attack is the same whether it targets a network of 1,000 computers or a network of 50,000 devices.

As for Thales expert Ivan Fontarinsky, he confirmed that “ransomware attacks in 2022 did not increase, but, on the contrary, decreased in Europe.” talk about stability.

At the same time, the press secretary believed that “the target parties are increasingly agreeing on the “ransom” required from them,” and did not rule out that the attacks of some hackers had more “political” goals than financial ones, as far as the Russian-Ukrainian war is concerned.

“Imaginary Requests Away”

“Constant pressure from the authorities, multiple arrests” and “instructions not to pay” also play a role in this “slowdown” in the spread of ransomware, said David Grote, European spokesman for Mandiant, a US cyber defense company.

As for Valery Marchev, a MagIT journalist who constantly monitors the activity of ransomware groups, he noted that “ransom requests were weak in 2022” and stressed that fictional hacker requests, which totaled $50 million in 2021, “seem far “.

And the spokesman believed that the most important thing for extortionists now is “to ensure that the ransom is received, even if the amount is relatively moderate.”

However, all experts agreed that cybercrime is very serious, although it has been relatively quiet.

Loïc Goizo, general secretary of the French Association of Cybersecurity Professionals, said that large profits are being made from fraud in the digital NFT products accompanied by a certificate of authenticity, in the field of “decentralized finance”, as well as hacking of professional emails.

Leave a Reply

Your email address will not be published.