Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang.

Last week, cybersecurity agencies from the U.K., the U.S. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021.

According to a report published by the blockchain analysis firm Chainalysis, organizations have paid $602 million in cryptocurrency during 2021. These figures represent a slight decrease compared to last year when organizations paid $692 million in cryptocurrency, but Chainalysis experts warn that other payments could be identified in the next weeks.

“Sure enough, we updated our ransomware numbers a few times throughout 2021, reflecting new payments we hadn’t identified previously.” reads the report published by Chainalysis. “As of January 2022, we’ve now identified just over $692 million in 2020 ransomware payments — nearly double the amount we initially identified at the time of writing last year’s report.”

“There is a slight time lag in ransomware data, so we expect when these numbers get updated in a few months, 2021 will have higher numbers than 2020.” added the company.

However, experts added that the true total for both 2020 and 2021 is likely to be much higher. 

Going deeper into the analysis, we can notice that the Conti operations accounted for the biggest revenue in 2021, extorting at least $180 million from victims.

Conti ransomware operators run a private Ransomware-as-a-Service (RaaS), the malware appeared in the threat landscape at the end of December 2019 and was distributed through TrickBot infections. Experts speculate the operators are members of a Russia-based cybercrime group known as Wizard Spider.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed the increased use of Conti ransomware in more than 400 attacks on U.S. and international organizations. 

Darkside was the group with the second-highest revenue in 2021, experts estimated that the earnings of the group reached around $85 million. Darkside made the headlines in May 2021 with the attack on the Colonial Pipeline facility in Pelham, Alabama.In the aftermath of the attack, Darkside gang shut down its operations, fearing the response of law enforcement. The group also claimed that the feds seized part of its infrastructure and some wallets it was using for its operations. In July the group rebranded its operation with the name BlackMatter.

The report also shows an increase in ransomware payment sizes in 2021, a worrisome trend that began in 2018. The average ransomware payment size in 2021 was over $118,000 in 2021, up from $88,000 in 2020 and $25,000 in 2019. 

Ransomware attacks are profitable cybercrime activities, for this reason, experts observed that the number of ransomware operations increased in 2021. Chainalysis reported that at least 140 ransomware strains received payments from victims in 2021, compared to 119 in 2020, and 79 in 2019. Experts expect that the above trends will continue to increase in 2022.

With thanks to the Cyber Defence Association and Security Affairs. the full story is here: https://securityaffairs.co/wordpress/127974/cyber-crime/ransomware-payments-600m-2021.html

Request A Demo: Security Awareness Training

New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defence. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/demo_kcm_partner?partnerid=001a000001lWEoJAAW