Ransom Payments are Decreasing as Fewer Victims Choose to Pay Hackers

Ransom Payments are Decreasing as Fewer Victims Choose to Pay Hackers

The value of the ransoms paid to extortionists has decreased. According to statistics on ransomware from the second quarter of this year, continuing a trend that started in the last quarter of 2021.

The ransomware remediation company Coveware released a study today with statistics from the second quarter of 2022 revealing that, despite a rise in the average payment, the median value saw a considerable decline.

Paying less

The average ransom was $228,125 in Q2 2022, an increase of 8% from Q1 ’22. The typical ransom payment. However, was $36,360, a sharp decrease of 51% from the previous quarter.

This continues a declining trend that began in Q4 2021, when average ($332,168) and median ($117,116) ransomware payments peaked.

The mid-market, where the risk-to-reward profile of attacks is more consistent and less dangerous than high-profile attacks, is where RaaS affiliates and developers are moving, according to Cover in research.

The tendency of large corporations rejecting negotiations when ransomware gangs demand impossible-high ransom amounts is positive, according to the study.

According to the company, the actors searched for smaller but financially sound businesses to disrupt. Which resulted in a further decline in the median size of the companies targeted this quarter.

BlackCat topped the list of the most active ransomware gangs during the past quarter. According to figures gathered by Cover, with 16.9% of the published attacks, followed by LockBit with 13.1%.

The development of numerous smaller ransomware-as-a-service (RaaS) operations that recruit associates from recently disbanded syndicates and carry out lower-tier, opportunistic attacks is another recent development that Coveware has noticed.

Exfiltration of data

This quarter, 86 percent of the reported cases employed the double extortion strategy. Which threatens to expose files that have been stolen before they have been encrypted.

Cover emphasizes that in many instances. Threat actors continued their extortion or disclosed the stolen files despite collecting the ransom payment.

Source

Also Read:

Cybersecurity services

Share this on

Facebook
LinkedIn
Twitter
Pinterest
Email
WhatsApp
Telegram
Skype