Ransomware payments drop as more companies refuse to pay extortion demands: Report 

Ransomware payments dropped to a record low in Q1 2024 as cybercriminals face increasing pressure due to improved security and law-enforcement agencies 

April 22, 2024 06:08 pm | Updated 06:08 pm IST

Ransomware payments dropped to a record low of 28% of companies paying ransom in the first quarter of 2024.

Ransomware payments dropped to a record low of 28% of companies paying ransom in the first quarter of 2024. | Photo Credit: Reuters

Ransomware payments dropped to a record low of 28% of companies paying ransom in the first quarter of 2024 as more and more companies refused to pay extortion demands.

The figure was 29% in Q4 2023, and payments have been diminishing steadily since early 2019, Coveware, a cybersecurity company, said in a blog post.

Additionally, a decline of 32% quarter-over-quarter (QoQ) was reported in average ransom payments, while a 25% QoQ increase in the median ransom payment was reported.

The simultaneous drop in average and rise in median ransom payments indicate a decrease in high figure payments and an increase in moderate amounts, and could be caused by ransom demands becoming more modest and fewer high-value targets falling prey to ransomware attacks.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

The decrease in payments is being attributed to organisations implementing more advanced protection measures, mounting legal pressure to not pay ransoms and cybercriminals repeatedly publishing or selling stolen data despite being paid to not release it, and providing victims with a decryption key.

Action by law-enforcement agencies like the FBI also played a significant role in bringing down the number of attacks witnessed by organisations. The FBI recently disrupted the operations of a major ransomware gang that created a chain of disruptions in the operations of other major gangs. The disruptions further led to payment disputes and exit scams, further weakening the confidence of other ransomware gangs, many of which are now operating independently.

Many ransomware gangs have even quit cybercrime due to increased pressure from law-enforcement agencies and ramping up of security by organisations.

However, the dip in ransomware payments should not be taken as a sign of the weakening of operations by ransomware gangs. Many ransomware gangs are still operational with the FBI reporting that just one gang is responsible for breaches in 250 organisations, pocketing $42 million in ransom payments.

Remote access and vulnerability exploitation are being seen as the biggest avenues for ransomware attacks.

A ransomware is a type of malicious software that blocks the victim from accessing stored data by encrypting it. A ransom is then demanded from the owner in exchange for the decryption key.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in


Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.