Ransomware payments are falling fast as victims refuse to pay

(Image credit: Pixabay)

More and more businesses suffering a ransomware attack are deciding not to pay the ransom demand, new research has revealed.

The report from Coveware suggests the change is due to a number of factors, from the victims being more prepared for such a scenario, to losing trust in the attackers and that they’ll keep their word and not publish the stolen data online. Also, in some places the governments got involved, making paying the ransom demand illegal.

As per the report, in the fourth quarter of 2023, less than a third of victims - 29% - paid the ransom demand. Roughly five years ago, at the start of 2019, 85% of the victims were paying the criminals. Two years later it dropped to 46%, the researchers added.

Hiding the payment

Even those that paid the ransom, paid smaller sums, compared to their peers that suffered a similar fate years ago. Ransom payments in Q4 2023 had an average amount of $568,705, representing a decline of 33%, compared to Q3 of the same year. The median ransom payment was at $200,000.

That’s not all that’s changed with ransomware attacks, lately. The threat actors also seem to be pivoting back to organizations of smaller sizes, after focusing more on large enterprises back in Q2 2022. Two years ago, hackers were going for larger firms in hopes of forcing a bigger payout. Now, one can speculate that smaller businesses don’t have the capacity for backups and advanced antivirus solutions which are needed to keep the attackers at bay, which is why they’re being targeted once again. 

Coveware also discusses governments making ransom payments illegal. The researchers argue that this might not be the best course of action, as all it would do is make companies stop reporting the incidents and try to solve the issue in private.

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.