The percentage of ransomware victims who paid ransom demands dropped to 29% in Q4 2023, according to data by Coveware. This decline can be attributed to several factors: increased resilience to ransomware attacks, growing skepticism regarding threat actors’ promises to not publish or misuse stolen information, and growing legal ramifications against ransom payments.
The report found that the average ransom payment in Q4 2023 decreased by 33% to $568,705 compared to the previous quarter. Despite this decrease, the median ransom payment remained unchanged at $200,000 from Q3.
Ransom Payments Are Down, but Attacks Are Still Up
Separate data from Chainalysis found that total ransomware revenue decreased to its lowest level in three years. In fact, attackers claimed $456.8 million in payments—and while that’s still a considerable figure, it’s also a 40% drop from the $765.6 million they collected the previous year. That’s said, it’s important to note that a drop in revenue does not translate into a drop in attacks.
Ransomware attacks continue to pose a threat to organizations. Sophisticated hackers are continuing to break into an organization’s system, blocking out authorized users, and demanding payment to release access.
Last year we reported that 60 credit unions were impacted by a ransomware attack. Although the credit union service organization, Ongoing Operations, confirmed that no misuse of stolen information had occurred, this underlines the need for organizations of all types to implement more preventative measures. This includes implementing firewalls, anti-malware software, endpoint protection, and regularly updating software to detect vulnerabilities.
Keeping an Eye on New Tactics
As the financial landscape advances, ransomware attackers adapt their strategies accordingly. Increasingly, ransom payments are made in bitcoin, allowing attackers to funnel funds into private bitcoin wallets, beyond the oversight of regulated institutions.
Due to the relative anonymity of bitcoin transactions, law enforcement is not able to track the flow of these funds and apprehend the perpetrators involved.