Victims Refuse to Pay; Ransomware Revenue Decreased in 2022

An analysis by Chainalysis has found that in the fight against ransomware, the year 2022 was one of the most impactful. As a result of the attacks, hackers have extorted at least $456.8 million from victims, down from $765.6 million the previous year.

Not Paying the Ransom

Based on the latest data about ransomware that has been published, it is evident that ransomware payments have been on a decline in recent years.

It should be noted, however, that this does not mean the attacks are down, or at least not as much as the drastic drop in payments would suggest. It has been observed that much of the decline in ransomware attacks can be attributed to the increasing refusal of victim organizations to pay the attackers. 

According to research from the cybersecurity firm, over 10,000 unique ransomware strains were active in the first half of 2022, despite a drop in revenues, the number of unique ransomware strains in operation has exploded in 2022.

As on-chain data confirms, there is a significant increase in the number of active strains in recent years, but most of the ransomware revenue at any given time is concentrated in a small number of strains. There is, however, a high level of turnover among the top-grossing strains across the whole year.

The total ransomware revenue for 2022 dropped from a high of $765.6 million in 2021 to at least $456.8 million in 2022 – a massive drop of 40.3% from last year’s figure. Evidence suggests, however, that the decline in ransomware attacks is due to victims’ unwillingness to pay ransomware attackers, rather than a decline in the number of attacks that are actually taking place. 

Since 2019, there has been a decline of 76% in victim payment rates to just 41%. But what does this shift have to do with what exactly is going on? There is one major reason why paying ransoms has become a potentially risky business, especially since an OFAC advisory issued in September 2021 outlined the possibility of sanctions if ransoms are paid.

As a result, payments are decreasing, which means many people are abandoning their data in order to save money. It is more important to note that people may hold onto their backups for longer and perhaps be less hesitant to pay for them in the future. After all, hackers are still optimistic about this kind of revenue and the number of attacks is on the rise.