Home News Million Dollar Business: Ransomware Gangs Scooped $350 Mn in 2020

Million Dollar Business: Ransomware Gangs Scooped $350 Mn in 2020

Paying ransom does not guarantee data recovery, rather it encourages cybercriminals to continue their ransomware attacks on other companies.


Ransomware attacks were the most observed security threats among various cybercriminal activities in 2020. Cybercriminals target victims by encrypting their sensitive files, with an end goal to disrupt organizations’ operations and demand ransom or threaten victims by exposing the data on darknet forums. But have you ever wondered how it continues to be a profitable business for adversaries?

A Million Dollar Business

A recent investigation report from Chainalysis revealed that ransomware operators made over $350 million in ransom payments in 2020. It is also found that the total amount of ransom paid by the victims increased by 311% compared to 2019. Infamous ransomware operators such as Ryuk, Netwalker, Maze, Doppelpaymer, REvil, Conti, Snatch, Defray777, and Dharma are the top ransom earners last year.

“The 2020’s ransomware increase was driven by several new strains taking in large sums from victims, as well as a few pre-existing strains drastically increasing earnings,” the Chainalysis report stated.

Young Victims More Likely to Pay Ransom  

One of the questions victims face is whether to pay the ransom. Though it is against the law, several companies pay ransom to recover their critical data. According to Kaspersky’s Consumer IT Security Risks Report 2021, the age of the victim also affects the willingness to pay the ransom.

The survey found that nearly 56% of respondents who were affected by ransomware attacks paid the ransom to restore access to their data. This is highest among those aged between 35-44, of whom 65% paid to restore their data, compared to 52% of those aged between 16-24 and a far smaller 11% of those over the age of 55.

Paying Ransom is not the solution

Paying ransom encourages cybercriminals to continue their ransomware attacks on other companies. And sometimes, it does not guarantee the return of compromised data. While 53% of ransomware victims paid the ransom, 17% of them didn’t recover their data. Only 29% of victims were able to restore all their encrypted or blocked files after an attack. Half lost at least some files: 32% lost a significant amount, 18% lost a small number of files, and 13% lost almost all their data.

“The FBI does not encourage paying ransoms. Payment does not guarantee files will be recovered. It may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities. However, the FBI understands that when victims are faced with an inability to function, all options are evaluated to protect shareholders, employees, and customers,” the FBI said.

Related Stories