In today’s world, the internet makes it possible for over 4.33 billion users to communicate with each other daily. This communication involves the sharing of 3.2 billion images and 720,000 hours of video daily. As these communications ensue, or as they browse through the internet downloading files and interacting with apps, the risk of a user downloading malicious files and softwares into their computer devices has risen as well.
In the process of opening these files and softwares, ransomwares are introduced into users’ computer systems which can cause damages if there is no security system in the computer. A ransomware is a malicious software that threatens to release a user’s data publicly or block the users from accessing their data until they pay a “ransom” to the attacker. This kind of attack is launched with encryption which seals the data until the ransom is received.
Chainalysis in a report on crypto crime in 2022 said that revenue received by ransomware attackers via crypto addresses from their victims fell to $456.8 million from $765.6 million in 2021. Despite this, attacks were on the increase. And this is because victims are becoming unwilling to pay any ransomware to attackers any more. And here are the reasons:
Avoidance of sanctions
In September 2021, OFAC started a campaign that made payment of ransomware an illegal act which can also attract sanctions. Allan Liska, a Threat Intelligence Analyst, said in the report that there are legal consequences for users who pay ransomware attackers.
Also, Bill Siegel, the CEO & Co-Founder of Coveware, noted that his company does not pay any ransomware, especially in a case where the entity has been sanctioned or connected to any sanctioning before.
Changes in cyber insurance services
The second reason behind refusal to pay for ransomware is that insurance services are changing to mitigate losses related to ransomware. Again, Allan explained that insurance companies are paying more attention to who they insure and what the money is used for. “So they [insurance companies] are much less likely to allow their clients to use an insurance payout to pay a ransom”.
Also, Michael Phillips who is the Chief Claims Officer at Resilience added that the requirements needed to access ransomware-based insurance are so strict that a lot of companies avoid trying to obtain such services. Thus, they avoid paying any ransom which “has led to lower incident costs for companies and contributed to a decreasing trend in extortion payments.”