Less than half of ransomware incidents end in payment - but you should still be on your guard
The ransomware landscape is changing, with fewer firms willing to pay in 2024.
- The amount of money paid to ransomware attacks declined in 2024, report claims
- A total of $813.55 million was paid, compared to over $1.2 billion in 2023
- Even those who pay the ransom are unlikely to get their data back in full
Anyone working in security will be all too familiar with the increasing dangers of ransomware and its disastrous consequences, but new research from ChainAnalysis has claimed 2024 actually saw a 35% decrease year-on-year in the number of firms who paid the ransom.
Ransomware attacks reportedly hit a new high in 2024, but the revenue ransomware attackers received declined for the first time since 2022. That being said, the numbers are still quite eyewatering.
Between January and June of 2024, ChainAnalysis reported a $459.8 million victim loss to ransom payments, which was actually 2.38% higher than the same period in 2023. This slowed in the period following though, and 2024’s total came to $813.55 million, compared to 2023’s staggering $1.25 billion.
New ransom guidelines
There are a few likely reasons for this. As cybersecurity teams develop their tactics and adapt to threats, alternatives to blindly paying ransoms have developed. For example, the UK government has launched proposals for ransomware protection which includes a ban on ransom payments for public services, aimed at dissuading criminals and disrupting the attackers income source.
Research has shown that those who pay the ransom aren’t even particularly likely to get their data back, with only roughly 7% actually fully recovering their information, which will undoubtedly factor into the incident response for a lot of organizations.
“According to our data, around 30% of negotiations actually lead to payments or the victims deciding to pay the ransoms. Generally, these decisions are made based on the perceived value of data that’s specifically been compromised,” commented Dan Saunders, Director of Incident Response at Kivu Consulting.
Of course, as more firms experience this, and as more security teams develop their tactics against cyberattacks, the defences against ransomware will improve. Cybersecurity and cyberattacks are both constantly evolving, so the future is unpredictable.
“For years now, the cybersecurity landscape seemed hurtling towards a so-called ransomware apocalypse" notes Jacqueline Burns Koven, Head of Cyber Threat Intelligence at Chainalysis, "so this sharp decline, to levels even lower than those in 2020 and 2021 speaks to the effectiveness of law enforcement actions, improved international collaboration, and a growing refusal by victims to cave into attackers demands."
You might also like
- Take a look at our pick of the best firewall protection around
- Interlock ransomware attacks highlight need for greater security standards on critical infrastructure
- Check out our choices for the best antivirus software