The Justice Department seized $2.3 million in bitcoin that Colonial Pipeline paid to the DarkSide ransomware gang to reclaim its data, and it helped bring down the REvil ransomware gang months later.
Our optimism waned.
Despite this move, 2022 seems likely to be the worst year on record for ransomware attacks; a recent analysis reveals assaults have climbed by 80% year-over-year and that thieves have easily eluded law enforcement action by using ransomware as a service or rebranding.
In his capacity as CEO of Cloudflare, Matthew Prince has seen a "clear" increase in ransomware assaults.
In September 2022, roughly one in four poll respondents experienced a ransomware attack or threat.
Ransomware's worst year
2022 is the worst year for ransomware attacks.
It's the worst statistically.
This year, hackers are targeting firms where they can do the most harm, rather than essential infrastructure and financial services.
Vice Society hackers leaked 500 gigabytes of confidential data from the Los Angeles Unified School District, including conviction records and psychiatric evaluations of pupils. An assault on IT services company Advanced led the U.K.'s NHS to reschedule appointments and depend on pen and paper.
Attackers infiltrated Australian health insurance provider Medibank and got 9.7 million clients' personal information and health claims data for over 500,000 users.
The assault took abortion and alcohol-related disease data.
These assaults prove ransomware is becoming worse.
They illustrate that ransomware is a worldwide issue that requires global intervention.
In November, the U.S. government said it would create an International Counter Ransomware Task Force to boost information and capabilities sharing.
"This is a worldwide problem, therefore nations must work together," says Camellia Chan, CEO of X-PHY.
"However, teamwork alone isn't enough.
Signing agreements and exchanging information is nice, but it won't dissuade financially driven hackers who profit from assaults.
Governments need a new strategy to combat cybercriminals who are now having a lot of success.
Government collaboration?
"You can't arrest your way out of the issue," says SentinelOne's Morgan Wright.
Both transnational criminal ransomware perpetrators and nation-state actors have been discovered and indicted.
These criminals dwell in nations without extradition treaties with the indicting country.
Wright: "I'd want to see more human intelligence collecting."
"State actors and criminal groups require greater penetration.
Ransomware is generally considered a technological concern.
Nope.
Human greed utilizes technology to attain goals.
Increasing cryptocurrency market regulation might potentially target greed, as many predict it will after FTX's crash.
Former CISA assistant director Bob Kolasky suggested countries should minimize ransomware attackers' financing tools.
Regulatory pressure on the bitcoin market may help trace and recuperate ransomware payments, Kolasky says TechCrunch.
"We need governments to play a stronger role in banning cryptocurrencies," says David Warburton, head of networking startup F5 Labs. "While decentralized currencies, such as bitcoin, aren't intrinsically evil, they are a major issue."
Control and regulation destroy the fundamental aim of decentralized currencies, yet without Bitcoin, ransomware wouldn't exist, added Warburton.
Many ransomware gangs operate from nations with little desire to assist people being attacked, he added.
This situation has been aggravated by Russia's invasion of Ukraine, which interrupted collaboration between Europe, the U.S., and Russia on ransomware operations in Russia.
Jason Steer, chief information security officer at Recorded Future, said this field requires worldwide government backing.
"The attention has reduced dramatically in 2022 owing to Russia's operations," said Steer.
Even if nations join together to battle ransomware, it won't be effective immediately.
As we reach 2023, security experts predict ransomware to persist as hackers explore new attack channels.
“Governments are attempting to give additional resources.
Wright: "It's never enough."
Bad actors will always have the edge, but we should make them pay when they attack.