Ransomware victims paying threat actors fall to 28%, improved security infrastructure a key factor

This is the lowest ever percentage

Reading time icon 2 min. read

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

ransomware attack victims don't pay up

In the past few years, ransomware attacks have increased exponentially, with companies usually paying up right away to prevent misuse of data. However, in Q1 2024, the number of ransomware victims paying up has dropped to 28%. In the last quarter, i.e., Q4 2023, the figure was 29%.

The report published by Coverware, which sheds light on the figures, attributes this fall to enhanced security systems set up by companies that help them avert threats like encryption attacks, recover the data, and quickly restore their operation, thus negating the need for a decryption key.

Besides that, there’s an emerging trend of threat actors publishing the data or auctioning it on the web even after organizations pay the ransom. As a result, organizations are starting to refuse to pay up, realizing that it would have little to no effect.

The average ransomware attack payment, too, took a hit and fell 32% to a low of $381,980. This is also a result of threat attackers demanding a lower sum initially to keep affected parties engaged rather than the latter walking away from the negotiation altogether, says Coverware.

As for the most common ransomware variants in 2024, Akira tops the list with a 21% market share, while Black Basta and Lockbit 3.0 take up the second and third spot with 9% each.

The report looks promising, but companies need to bolster efforts

Until a few years ago, cyber and ransomware attacks were limited and usually targeted specific industries.

But with AI-powered cyberattacks gaining prominence, detecting and averting threats will become more challenging than ever. Threat actors will be able to identify and exploit any existing vulnerabilities quickly!

This will increase the number of attacks and affect industries like Healthcare that were not previously targeted. A recent report by Microsoft states that 87% of the companies in the UK are unprotected against AI cyberattacks.

So, companies must ramp up their security infrastructure and hire trained analysts to protect the data. Microsoft is using AI to tackle AI-powered cyberattacks, an approach replicated by many in the security landscape.

What do you think is the best way to prevent ransomware attacks? Share with our readers in the comments section.

More about the topics: Ransomware