First major decline in payment amounts since 2022.
Ransomware payouts dropped by a third during the last six months of 2024.
According to research by Chainalysis, the drop by 34.9 percent marked the first decline in payments since 2022, with payments also 53 percent less than attackers were demanding.
However, ransomware leaks have become more prevalent over the same period amid the growing willingness of ransomware-hit organisations to call their attackers' bluff. Intensified law enforcement action against cryptocurrency platforms leveraged for cybercrime has also led threat actors to explore other means of profiteering from attacks.
Commenting, Andy Ward, SVP international for Absolute Security, said a significant dip in pay-outs is a collective testament to strong cybersecurity. “Attacks are a case of when, not if, so every organisation needs a policy of cyber resilience, planning to recover from threats, not just prevent them,“ he said.
“By building a strong cyber resilience posture, organisations can ensure they remain operational during a ransomware attack, and deal with the threat on compromised devices, without falling victim to the payment.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
