According to statistics from cybersecurity firm Coveware, companies are demonstrating increasing resistance to extortion demands. This trend has led to a record low of only 28% of companies paying ransoms in the first quarter of 2024.

The average ransom payment has decreased by 32% to $381,980. However, the median payment has increased by 25% to $250,000.

These numbers reveal a tactical shift by ransomware actors, who are abandoning unrealistic initial demands in favor of more approachable figures aimed at keeping victims hooked and willing to negotiate. The strategy of opening with large ransom demands appears to be backfiring by scaring victims away.

Another major trend in Q1 2024 is the record-low rate of victim payment. Only 28% of victims opted to pay the demanded ransom, a significant drop signaling a change in mindset amongst affected businesses and organizations. This can be attributed to several factors:

  • Improved Defenses: Businesses are actively upgrading their cybersecurity defenses, making successful attacks harder to execute and minimizing the need for decryptors only the attacker can provide.
  • Resilient Recovery: Improved backup strategies allow for data restoration without the threat actor’s cooperation.
  • Lost Trust: Victims are increasingly aware that payment offers no guarantee of data suppression. Attackers often leak or resell stolen data even after receiving payment, nullifying the incentive.

During Q1, 23% of victims opted to pay when their incident involved only the publication of stolen data (i.e., the victim did not need a decryption key as part of their decision-making process).
