More and more businesses suffering a ransomware attack are deciding not to pay the ransom demand, new research has revealed.
The report from Coveware suggests the change is due to a number of factors, from victims being better prepared for such a scenario to victims losing trust that the attackers will keep their word and not publish the stolen data online. Also, in some places governments got involved, making paying the ransom demand illegal.
As per the report, in the fourth quarter of 2023, less than a third of victims - 29% - paid the ransom demand. Roughly five years ago, at the start of 2019, 85% of the victims were paying the criminals. Two years later it dropped to 46%, the researchers added.
Hiding the payment
Even those that paid the ransom paid smaller sums than their peers that suffered a similar fate years ago. Ransom payments in Q4 2023 averaged $568,705, a decline of 33% compared to Q3 of the same year. The median ransom payment was $200,000.
That’s not all that has changed with ransomware attacks lately. The threat actors also seem to be pivoting back to smaller organizations, after focusing more on large enterprises back in Q2 2022. Two years ago, hackers were going for larger firms in hopes of forcing a bigger payout. Now, one can speculate that smaller businesses don’t have the capacity for the backups and advanced antivirus solutions needed to keep the attackers at bay, which is why they’re being targeted once again.
Coveware also discusses governments making ransom payments illegal. The researchers argue that this might not be the best course of action, as all it would do is make companies stop reporting the incidents and try to solve the issue in private.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.