In the past few years, the ransomware market has heated up, leading to more payouts for threat actors and more attacks overall. However, in late 2023, with the seizure of BlackCat ALPHV by law enforcement, among other factors, the business side of ransomware-as-a-service (RaaS) has been put on ice, at least somewhat. This isn’t to say that attacks aren’t happening and that you can let your guard down, but it appears companies just aren’t paying like they used to, and that is an incredible thing to see.
In December, the Justice Department announced a “disruption campaign” against BlackCat or ALPHV, leading to the seizure of the group’s network and infrastructure, including websites. This shook confidence in ransomware affiliates and led to several problems and the seeming collapse of the group. Then, the LockBit group had an incident involving threatening the murder of a forum administrator in the public eye. Despite these happenings, ransomware attacks were still up at the beginning of this year, with reports indicating an “unprecedented surge.”
With all that in mind, threat actors are not making the money they were previously, according to a report from Coveware. The average ransom payment is down 32% from Q4 of 2023, and the percentage of victims who chose to pay out was down to a record low of 28%. Of course, this metric is always in flux, but it is a good trend, nonetheless. The report also notes that Akira holds the throne for market share, followed by Black Basta, tied with Lockbit 3.0 for second, and then Medusa, Phobos, and BlackCat, all in third place.
The full report goes into the predominant attack vectors and tactics used once on the inside, as well as industries that are typically targeted. Not surprisingly, healthcare has quite the margin at 18.7%, which is rough but comes with the territory of organizations that control a plethora of data and handle a significant amount of money. Regardless, we hope to see the trend of payments continue decrease as time goes on, which will hopefully help to snuff out this industry.