However, research by US blockchain analysis firm also reveals that ransomware victims are paying less frequently
Last year was one of the most tumultuous in cryptocurrency history, with several large firms imploding, including Celsius, Three Arrows Capital, FTX, and others – some amid allegations of fraud. The year also saw illicit transaction volume in cryptocurrencies rise for the second consecutive year, hitting an all-time high of $20.6 billion, according to research by Chainalysis, an American blockchain analysis firm headquartered in New York City. Last year the firm had published research that found $14 billion in illicit activity in 2021 – it was subsequently raised to $18 billion, mostly due to the discovery of new crypto scams.

To examine the effects of sanctions on illicit cryptocurrency activity, Chainalysis looked at how a few of 2022’s most notable sanctioned entities behaved before and after their OFAC (Office of Foreign Assets Control) sanctions. OFAC is a financial intelligence and enforcement agency of the U.S. Treasury Department. OFAC administers and enforces economic and trade sanctions in support of U.S. national security and foreign policy objectives. They analysed three services:
- Hydra was the largest darknet market in the world until its servers were seized by German police, concurrent with its designation by OFAC in April 2022, effectively shutting down the marketplace. Based in Russia, Hydra not only facilitated drug sales, but also offered money laundering services to cybercriminals, including ransomware attackers.
- Garantex is a high-risk crypto exchange based in Russia and was sanctioned at the same time as Hydra for similar money laundering activity. Unlike Hydra, Garantex continues to operate following its designation.
- Tornado Cash is a decentralised mixing service on the Ethereum blockchain that was sanctioned in August 2022 (and again in November) for facilitating money laundering, primarily in relation to funds stolen in cryptocurrency hacks by cybercriminals associated with North Korea. Tornado Cash is currently the only DeFi protocol to have been sanctioned by OFAC – all other designations have been centralised services or personal wallets. As a DeFi protocol, no person or organisation can “pull the plug” as easily on Tornado Cash as they could with a centralised service, which has led to questions around the feasibility of sanctioning the service and who, if anyone, can be held responsible for criminal activity it facilitates.
Ransomware victims are paying less frequently
Based on the data available, Chainalysis estimates that total ransomware revenue fell to at least $456.8 million in 2022 from $765.6 million in 2021 – a huge drop of 40.3%. However, the evidence suggests that this is due to victims’ increasing unwillingness to pay ransomware attackers rather than a decline in the actual number of attacks.
The Chainalysis report quoted Michael Phillips, Chief Claims Officer of cyber insurance firm Resilience, saying: “Data from claims across the cyber insurance industry show that ransomware remains an increasing cyber threat to businesses and enterprises. There have, however, been signs that meaningful disruptions against ransomware actor groups are driving lower than expected successful extortion attempts.” He cited among those disruptions the Russia-Ukraine war and the increased pressure on ransomware gangs from western law enforcement, including arrests and recovery of extorted cryptocurrency.
Since 2019, victim payment rates have fallen from 76% to just 41%. But what exactly accounts for this shift? One big factor is that paying ransoms has become legally riskier, especially following an OFAC advisory in September 2021 on the potential for sanctions violations when paying ransoms.
Another big factor is the outlook of cyber insurance firms, who are usually the ones reimbursing victims for ransomware payments. Today, companies have to meet stringent cybersecurity and backup measures to be insured for ransomware coverage. Cyber insurance firms’ demand for better cybersecurity measures is a key driver of the trend toward less frequent ransom payments. These requirements have proven to actively help companies bounce back from attacks rather than pay ransom demands. An increased focus on underwriting against factors that contribute to ransomware has led to lower incident costs for companies and contributed to a decreasing trend in extortion payments.
Money Laundering increases 68%
Money laundering in cryptocurrency typically involves two types of on-chain entities and services:
- Intermediary services and wallets: These can include personal wallets (also known as un-hosted wallets), mixers, darknet markets, and other services both legitimate and illicit. Crypto criminals typically use these services to hold funds temporarily, obfuscate their movements of funds, or swap between assets. DeFi protocols are also used by illicit actors in order to convert funds but, as we will discuss, are not an efficient means of obfuscating the flow of funds.
- Fiat off-ramps: This refers to services that allow for cryptocurrency to be exchanged for fiat. This is the most important part of the money laundering process, as the funds can no longer be traced via blockchain analysis once they hit a service – only the service itself would have visibility into where they go next. Additionally, if the funds are converted into cash, they can only be followed further through traditional financial investigation methods. Most fiat off-ramps are centralised exchanges, but P2P exchanges and other services can also serve this function.
The report finds that overall, illicit addresses sent nearly $23.8 billion worth of cryptocurrency in 2022, a 68.0% increase over 2021. As is usually the case, mainstream centralised exchanges were the biggest recipient of illicit cryptocurrency, taking in just under half of all funds sent from illicit addresses. That’s notable not just because those exchanges generally have compliance measures in place to report this activity and take action against the users in question, but also because those exchanges are fiat off-ramps, where the illicit cryptocurrency can be converted into cash.