Ransomware Groups Earned 40% Less Last Year

Ransomware payments rose by hundreds of millions in 2020, but new data indicates they peaked in 2021.

Crime doesn't pay. Or, at least, it pays 40% less than it used to.

That's according to researchers who found ransomware groups earned just $456.8 million across 2022, down from a peak of $765.6 million the year before.

It's the rare bit of good news for those following this particular type of cyber crime, which has skyrocketed in recent years and still poses a considerable threat to businesses everywhere, particularly given the sharp rise of remote work.

Fewer Companies Are Paying Ransoms

Researchers at Chainalysis have tracked the last six years of ransomware payments, and in 2022, those payments were down across the industry for the first time in years.

Ransomware Chart

The amounts refer to the total amount that the researchers have identified, so the true dollar amount of all the payments is likely higher. Still, the trend line has clearly started to arc downwards.

For those not in the know, a ransomware attack refers to a malicious software that is designed to lock up a business's sensitive digital data. Once a ransom is paid, the attacker will ostensibly release the data back to the company.

In keeping with “don't negotiate with terrorists” logic, most experts agree that businesses should always refuse to pay a ransom. However, studies show that businesses haven't always agreed. One 2021 survey polled “300 US-based IT decision-makers” to find that a huge 85% had actually paid the ransom once they had fallen victim to a ransomware incident.

Now, that's changing.

Ransomware's Still a Big Problem

Granted, crime is still paying quite a bit, as $456.8 million remains a lot of money for anyone. And to make matters worse, the ransoms are the tip of the iceberg for money lost due to this type of cybercrime.

After all, any business that falls victim also loses revenue thanks to the locked data, some or all of which may never be recovered. Total costs surpassed $1.2 billion in 2021 alone, by one count.

The massive jump in ransomware payments between 2019 and 2020 is worth noting, as well. The Covid pandemic is the likely culprit, for two reasons. First, many companies were in disarray due to the unexpected disruptions caused by the need to isolate and stay distanced. But the second reason is more long-lasting: The pandemic spurred a greater shift to flexible and fully remote work, which has opened up more avenues for online criminals to access companies' data.

Expanding remote work is definitely a good thing: Employees with remote work options are happier and healthier. But it does increase a business's need to invest in cyber security. Tools like business VPNs, password managers, and remote access software can protect employees from unsecured networks or cyberphishing, and can alert a business to security holes.

Businesses are paying out fewer ransoms, which will eventually make ransomware a less attractive line of work for criminals around the globe. But investing in online security makes a business that much less likely to decide whether or not it needs to pay in the first place.

Written by:

Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and he has an art history book on 1970s sci-fi out from Abrams Books in 2023. In the meantime, he's hunting down the latest news on VPNs, POS systems, and the future of tech.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals