Facts

• The Wall Street Journal on Wednesday reported that extortion payments from ransomware fell last year, citing improvements made by companies in their security practices and new tactics adopted by US authorities to tackle such attacks.^[1]
• According to a report by blockchain analysis firm Chainalysis published in January, identified ransomware revenue dropped by more than 40 percent, from $766M in 2021 to $457M in 2022.^[2]
• IBM's annual X-Force Threat Intelligence Index, released Wednesday, found that while ransomware's share of incidents decreased by just four percent, defenders have had more success detecting and preventing it. The document, however, stressed that the average time to execute such an attack has fallen to less than four days.^[3]
• Meanwhile, the decline in revenue has reportedly affected the job market for hackers and others participating in such threats, with hacker group Conti having laid off 45 call-center operators who were allegedly working in a scheme to spread ransomware attacks.^[4]
• Since the 2021 Colonial pipeline attack, the Biden admin. has treated ransomware as a threat to national security, imposing sanctions on operators to deter further attacks as well as recovering payments, seizing assets, and giving away decryption keys to help mitigate damages.^[1]
• The US Dept. of Justice reported last year that it had been investigating over 100 variants of ransomware and hacker groups suspected of causing over $1B in losses to victims.^[4]