Victims of cyber-crime are refusing to pay ransom demands – hitting the hackers in the pocket, claims the BBC.
A report claims so-called ransomware gangs have had a 40% drop in earnings.
The BBC reports cryptocurrency experts at Chainalysis say criminals extorted at least $457m (£370m) from victims in 2022 – $311m less than the year before.
However, observers accept the real numbers are likely to be higher, but agree that fewer are paying out against a backdrop of a massive increase in attacks.
The criminal crews, many of whom are based in Russia, attack institutions such as commercial companies, governments, schools and even hospitals across the globe.
They then lock users out of the system and demand a crypto-currency to desist.
Vulnerable commercial sectors such as logistics are targeted becaus eof the chaos that can be caused by a computer system being compromised. The Royal Mail export service was hit recently.
Chainalysis has been able to track money flowing in and out of Bitcoin wallets which are known to be owned by ransomware crews.
Researchers say the trend is clear: ransomware payments are dipping.
This is partly because some companies have devised cyber-security to get around an attack while others simply refuse to pay up.
Few companies will admit to having paid a ransom to hackers but many are increasingly admitting they have been attacked, so common are the incidents now.
According to the BBC, Bill Siegel, of Coveware, said his clients are becoming increasingly reluctant to give in to hackers, who can demand millions of dollars.
In 2022, 41% of his clients paid ransoms compared with 70% in 2020, he says.
Another analyst said: “Additionally, as ransomware attacks have become so common, they are less of a PR disaster for companies, making them less likely to pay to keep incidents quiet and out of the news.”
Cyber-security firm Fortinet says 10,000 unique types of the malicious software were active in the first half of 2022.