Ransomware payments have dropped by over one-third compared to last year, totaling $813 million, as victims refuse to pay cybercriminals and law enforcement cracks down on the trend.
This decline concerns cyber attacks in which computers or data are blocked with a demand for money to release them, and it came despite notable cases in 2024 in the UK and the US, including the well-known donut company Krispy Kreme and NHS Trust.
Last year’s ransomware payments decreased from the $1.250 million recorded in 2023. A research company that analyzed payment data stated that payments dropped significantly in the second half of the year due to actions taken and resistance to paying cyber criminals.
The total for 2024 was lower than the $1.1 billion recorded in 2020 and 2019, coming in at $999 million. In ransomware attacks, criminals gain access to the victim’s IT system, steal data, encrypt it, and demand a ransom payment in bitcoin to decrypt the files and return the data.
Jacqueline Burns Koven, head of cyber threat intelligence at Chain Dissolving, noted that the decrease in ransomware payments signifies a shift in the ransomware landscape. She mentioned the effectiveness of measures, improvement in international cooperation, and the impact on attackers and victims.
However, Burns Koven cautioned that the downward trend in payments is fragile, and ransomware attacks continue to be prevalent.
Further evidence shows that victims’ refusal to comply with attackers’ demands has led to an increase in ransom demands by cyber gangs, with demands exceeding actual payments by 53%.
During the same period, the number of ransom-related “on-chain” payments (a term for cryptocurrency transactions recorded on the blockchain) decreased, indicating less compliance from victims.
One expert mentioned an international operation that successfully took down the LockBit ransomware gang in February, as well as the disappearance of another cyber criminal group called Blackcat/Alphv.
Lizzy Cookson from a Ransomware-compatible company stated that the current ransomware atmosphere is influenced by newcomers focusing on smaller markets with modest ransom demands.
In the UK, a ban on schools, the NHS, and local councils paying ransomware demands is under consideration. Private companies would need to report payments to the government, which could potentially block them. Reporting ransomware attacks may also become mandatory if legal changes are implemented.
Source: www.theguardian.com