New data shows fewer ransomware victims are paying hackers
Fewer ransomware victims are paying up when faced with a ransomware attack, according to a new report from ransomware negotiation firm Coveware.
Why it matters: Malicious hackers are opportunistic and follow the money.
- If the money dries up in ransomware, they're likely to turn to other schemes.
By the numbers: 29% of organizations paid a ransom in the last quarter of 2023 to get their stolen data back and unlock their systems during a cyberattack, according to Coveware's report, released Friday.
- That's a completely different story from the 85% who were paying in the first quarter of 2019.
- The average ransom payment in the fourth quarter of 2023 was roughly $568,000 — a 33% drop from the third quarter.
Between the lines: Coveware attributes the drop last quarter to a few factors.
- Enterprise networks have built up better cyber defenses and have more data backups to help them recover quickly.
- More companies don't trust hackers to keep their promises and delete any stolen data.
The big picture: Ransomware has become a top cyber threat for all organizations — from the world's largest companies to small mom-and-pop businesses — over the last five years.
- Government officials have spent years trying to make a dent in the number of ransomware attacks targeting businesses, governments and other entities.
Yes, but: Ransomware hackers are known to be adaptable and will likely change their tactics to get more payments.
- Cybersecurity officials and industry experts believe ransomware is already an endemic issue.
Editor's note: This story has been corrected to show that 29% of organizations paid a ransom in the last quarter of 2023 (not 2024).