Cybercriminals can control huge networks of computers, called botnets, which can be used to distribute spam, malware and assist with organised crime.
Washington CNN  — 

Cybercriminals extorted a record $1.1 billion in ransom payments from victim organizations around the world last year despite US government efforts to cut off their money flows, crypto-tracking firm Chainalysis said in a report released Wednesday.

The surge in ransom payments, which nearly doubled the $567 million by Chainalysis in 2022, coincided with a “major escalation in the frequency, scope, and volume of attacks,” the New York based-firm said.

After the FBI announced an operation that thwarted $130 million in ransom payments for several months in 2022, a variety of cybercriminal groups have struck US casinos, hospitals and schools in 2023, and have sometimes collected big payouts.

An increasing share of the ransoms paid are over $1 million as hackers target rich companies that can afford to pay, according to Chainalysis.

Those high-profile hacks aside, the “everyday [ransomware] attacks on hospitals, small businesses, and government agencies are debilitating,” Jackie Burns Koven, Chainalysis’ head of cyber threat intelligence, told CNN.

The new report does not track additional losses, which often number in the millions of dollars, that victims suffer in trying to recover from ransomware attacks. MGM Resorts has estimated its recovery costs from a major ransomware attack last year at $100 million.

A ransomware attack that forced a major US fuel operator Colonial Pipeline to shut down in May 2021 made ransomware a top national security concern for the Biden administration. The US Treasury has tried to crack down on payments through sanctions, the White House has urged victims not to pay and the Justice Department has indicted and arrested some prolific hackers.

But the criminals are also adapting, and the problem remains endemic, especially for US schools and local governments without the resources to defend themselves.

Multiple US government agencies themselves were hacked by a Russian-speaking ransomware gang, as CNN first reported in July, though there were no reports of ransom payments made by those victims.