Even the hackers can't catch a break in today's tech economy: According to a new report, the surge in ransomware attacks in recent years is finally on the decline. As a result, hacker groups are laying off call-center spammers.
Both the volume of attacks and the payment amount has been dropping across the last year.
It's welcome news, given that ransomware threats cost billions and often rely on social hacking, which tricks employees into forking over passcodes and can't be prevented with traditional means such as highly secure business software.
Why Are Ransomware Hackers Getting Out of the Business?
The hacker group “Conti” laid off 45 call-center operators in 2022, according to an executive at intelligence company Red Sense.
According to this agency, the Department of Justice's crackdown on the threat is responsible for the reduction in hacker job security.
But the push against ransomware goes far beyond the US: Research and consulting firm Gartner reported last June that nearly a third of all nation-states are planning to debut their own laws governing ransomware by 2025. That's a huge leap up from a year earlier, when just 1% planned to introduce ransomware regulation.
It looks as though this particular category of hacking threat may have reached the final stretch of its life cycle.
The Ransomware Boom May Be Nearing an End
Ransomware attacks have turned into a huge business across the last three years, boosted in part by the hasty shift to remote work in early 2020.
As one report detailed, another key element in the domination of ransomware was the rise of “ransomware as a service.” Ransomware groups would make the software needed for the crime, but new actors would actually be the ones to deploy it, creating a more complex hacking ecosystem that sustained smaller actors — like call center workers or lone-wolf individuals.
The US was a prime target for the highest volume of attacks, earning a full quarter of all ransomware attacks in 2021.
But in 2022, the cracks first began to show for ransomware's success rate: Last year, one report found, the total dollar amount for payments dropped year-over-year:
Now, ransomware groups like Conti are downsizing.
Are Small Businesses Finally Safe From Attacks?
Ransomeware is particularly tough to defend against as a small business, and 82% of 2021 attacks targeted organizations with fewer than one thousand employees.
Granted, some industries were at a higher risk than others, with healthcase constituting one major target, and financial services another (ransomware accounted for 81% of all 2020 financial cyberattacks).
While businesses are all recommended not to pay any ransom, the dirty secret is that most of them do just that, with one survey finding 88% of executives who had already been hit by ransomware admitting that they would pay if attacked again.
In 2023, small businesses just might be able to breath a little easier.
But with ransomware seemingly on the decline, other cyber threats may be worth considering, too, from company email compromise to DDOS attacks on VoIP services. One thing's for sure: A lot of call center workers will need some new occupation, and there's always another scam.