According to a new report from Chainalysis, ransomware attackers have stolen $449.1 million dollars from victims through June 2023.  This is $175.8 million more than the same time period the year prior. “If this pace continues, ransomware attackers will extort $898.6 million from victims in 2023, trailing only 2021’s $939.9 million,” Chainalysis said.

Researchers believed ransomware had begun to trend downward in recent times, however with the announcement of this new data, that could all be changing. Chainalysis believes that it could be because cybercriminals have begun “big game hunting”.

Organizations are targeting larger organizations that have the potential to amount to a larger payday – and it appears as though it’s working.

For example, Clop is a ransomware gang with ties to the Russian Government, and putting larger targets in their crosshairs has made them pretty successful in 2023. They average payment they’ve received in 2023 so far is $1,730,486. Its median payment so far this year has been $1,946,335.

So what does this early 2023 data mean? With some of the major ransomware groups having representatives arrested and their infrastructures destroyed, there was hope that the allure of being a ransomware attacker was beginning to diminish. Organizations both large and small were also more likely to implement a much stronger security infrastructure in addition to teaching their employees the various dangers to watch for to combat the threat. All of these occurrences were thought to have aided the downward ransomware trend. However, this new report from Chainalysis might put to bed the idea that ransomware might be slowly dying.

In fact, it suggests that cybercriminals may be using ransomware more than ever, and focusing on larger targets to boot.

Initially, ransomware groups would go through your data, encrypt it, and demand payment from you if you wanted it unlocked. This is still a popular tactic – but it’s also a lot of work. Why go through all the trouble of encrypting files when a ransomware gang can just steal the data and threaten to leak it? This is exactly what a lot of cybercriminals these days are doing.

One reason hackers became more aggressive with their distortion tactics could have something to do with the fact that they likely didn’t hit their financial expectations in 2022. “We think as a result of their budgetary shortfalls in 2022 we’ve seen these more extreme extortion techniques, ways to kind of twist the knife,” Jackie Burns Koven, head of cyber threat intelligence at Chainalysis told WIRED magazine. “In 2022 we were very surprised to find that decline. Then we talked to external partners – incident response fires, insurance companies – and they said, yeah, we’re paying less, and we’re also seeing fewer attacks,” she continued.

Koven also attributes the upward rise in the ransomware trend on the Russia-Ukraine conflict.

“I really think the tide of the Russia-Ukraine conflict has impacted these numbers. Whether that’s actors have settled into safe locations, whether their year of military service has finished, or whether perhaps there’s a mandate to release the hounds.”

Story via TechRadar