Several reports looking at Ransomware in 2022 have reported a decline in profits for the main threat actors, from the looming numbers of circa $800 million in 2021, as victims refused to pay.

@DarkReading quoting @Chainanalysis mentions a drop of about 40% in willingness of victims, mainly major corporations, as defenses are beefed up, critical incident preparedness protocols and processes improved, and cyber insurers implement more stringent policies. Having said that it is important to understand that the real numbers are much higher than those mentioned in reports and quoted by the media. As with most types of financial and economic crime, a major share of ransomware attacks and profits sneaks below the radar as victims have no incentive to report unless they have cyber insurance and the share of these is relatively low.

Facing this situation the threat landscape is likely to adjust. Some of the major threat actors will improve techniques in a quest to find new pressure points to make the major corporations and organizations pay. Others, mainly smaller groups splintered from the major ransomware organizations will concentrate on smaller businesses. These splinter cells will likely demand significantly lower ransoms but execute attacks in a volume larger by orders of magnitude on small and medium businesses, that are usually less-or-totally unprotected, unprepared, under insured (if at all) and have very little choices other than to pay. As we at @CIPTEAM have recently noticed, the variety of threat actors is on the rise. Many of them are small, lacking the infrastructure and processes of their larger colleagues, but posing the same if not graver risk on the unprepared. The potential granulation of the threat landscape adds challenges to defenders and crisis managers alike as the smaller threat actors are less known, lack clear processes and require a higher level of professionalism and experience to be dealt with. Overall it seems the threat of ransomware is far from departing the list of business risks in 2023 just the opposite.