Victims paying an average of $118,000 in 2021 — a marked rise on the $88,000 recorded in 2020.
Ransomware payments are getting bigger — with victims paying an average of $118,000 in 2021.
Chainalysis, which performed the research, says this is a marked rise on the $88,000 recorded in 2020.
Explaining the trend, the blockchain intelligence firm said:
"One reason for the increase in ransom sizes is ransomware attackers’ focus on carrying out highly targeted attacks against large organizations."
The company had dubbed 2020 the "Year of Ransomware" — and in its Crypto Crime Report for 2021, it had initially forecast that $350 million in payments was sent by victims in 2020. This figure has risen substantially over the past 12 months, and now stands at $692 million.
At the time of writing, the total figure lost for 2021 stands at $602 million — but this too is expected to rise, likely because of underreporting by ransomware victims. Chainalysis added:
"Anecdotal evidence, plus the fact that ransomware revenue in the first half of 2021 exceeded that of the first half of 2020, suggests to us that 2021 will eventually be revealed to have been an even bigger year for ransomware."
Listen to the CoinMarketRecap podcast on Apple Podcasts, Spotify and Google Podcasts
Conti Dominates
The Conti group — which is believed to be based in Russia — was the ransomware strain that generated the most revenue last year.
It uses a ransomware-as-a-service model that "allows affiliates to launch attacks using its program in exchange for a fee."
DarkSide came second, and this group regularly hit the headlines in 2021 — not least for its attack on the U.S. Colonial Pipeline, which sparked fuel shortages.
Chainalysis singled out this incident as powerful proof of the damage that can be done, writing:
"The Colonial story serves as an important reminder of one reason ransomware attacks are so dangerous: They frequently target critical infrastructure we need to keep the country running — not just energy providers, but food providers, schools, hospitals and financial services companies as well."
Although all of these facts and figures seem daunting at first, Chainalysis says money laundering trends "show how small the ransomware ecosystem really is" — not least because 56% of funds sent from criminal addresses since 2020 have ended up at one of six businesses… with three large, international exchanges among them:
"By cracking down on the small number of services that facilitate this money laundering activity, law enforcement can significantly reduce attackers' options for cashing out, reducing the financial incentive to carry out ransomware attacks and hampering ransomware organizations' ability to operate."
