Crypto-crime may have declined overall in the first six months of 2023, but the volume of payments to ransomware attackers made in cryptocurrencies has surged. According to data from blockchain analytics firm Chainalysis, the volume of cryptocurrency ransomware payments was on track for its second-biggest annual total on record.
There is no single reason behind why cryptocurrency plays such a crucial role in the rise of ransomware attacks, but we have narrowed it down to six key factors.

- The first and most obvious is that cryptocurrencies offer a degree of anonymity and pseudonymity. This ‘privacy feature’ makes it difficult to trace transactions back to specific individuals or entities, a clear advantage for anyone looking to evade law enforcement.
- The lack of central control also makes it challenging for authorities to regulate or control transactions, as cryptocurrencies operate on decentralised networks. The absence of a central authority or intermediary makes it difficult to freeze or seize funds associated with ransomware payments.
- Global accessibility is a key feature of cryptocurrencies, but that they are designed to be sent and received across borders without the need for intermediaries or regulatory oversight is exploited by threat actors. Ransomware attackers can easily receive payments from victims located anywhere in the world, funding their illicit activities. (As an aside, this will also make it very difficult to enforce all the financial sanctions placed on Dmitry Khoroshev.)
- Transactions on blockchain networks are recorded on a public, immutable ledger that cannot be altered or reversed. This “no chargebacks” system means that, once ransom payments are made in cryptocurrencies, they cannot be reversed or refunded – giving threat actors a sense of security and incentivising victims to comply with demands.
- If variety is the spice of life, things in the world of cryptocurrencies are heading off the Scoville scale. The proliferation of cryptocurrencies provides ransomware gangs with a huge range of options for receiving payments while maintaining their anonymity. Privacy-focused cryptocurrencies offer enhanced privacy features, making it even more challenging to trace transactions and identify perpetrators.
- And, finally, there is ‘ransomware-as-a-service (RaaS)’. Ransomware threat actors often leverage RaaS platforms, where affiliates distribute ransomware in exchange for a share of the ransom payments (a so-called ‘monetisation model’). RaaS platforms may provide built-in mechanisms for handling cryptocurrency payments (facilitated payments), streamlining the process for both attackers and victims.
Cryptocurrencies are therefore likely to remain a preferred method of payment for digital extortion. Efforts to combat ransomware often involve a balance between addressing the underlying vulnerabilities exploited by attackers, and addressing the challenges posed by cryptocurrency-based payments.

Cyber Risk
We bring the best of our collective experience, energy and creative power to fiercely safeguard our clients and fortify their communities.
Insights

Ransomware at Europe’s Airports: Case for Community-Driven Third Party Risk Management
The recent ransomware attack on Collins Aerospace’s Muse software, which brought chaos to airports across Europe, serves as a stark reminder of a critical gap in how organisations approach Third Party Risk Management (TPRM).

JLR Cyber Attack: What it Means for Private Equity, Credit, and Equity Investments
From the iconic E-Type Jaguar to images of the late Queen driving modern Range Rovers on her estate, JLR has long held a uniquely British place in the national consciousness, even under Tata ownership. The incident has affected the owners of the business, the supply chain, and customers, and offers learnings for the Private Equity (PE) industry.

Impact of Cyber and Operational Resilience on Private Equity and Their Portfolio Companies
Implementing cyber and operational resilience measures is a strategic imperative for PE firms and their PortCos, enabling them to reduce the impact of cyber risks on asset valuations.

How Private Equity Leaders Turn Cyber Security Investment into Competitive Advantage
Leading firms are discovering something counterintuitive: investing in cyber security creates advantages worth far more than just protection.