The Decline in Ransomware Payments: A Turning Point in Cybersecurity

In 2024, global ransomware payments dropped significantly, falling by more than one-third to a total of $813 million. This decline marks a turning point in the fight against cybercrime and is driven by several key factors.

Why Are Ransomware Payments Decreasing?

Greater Victim Resilience: In recent years, many organizations have strengthened their security protocols and adopted strategies that discourage paying attackers. In 2019, 85% of victims paid the ransom; however, according to a report by Coveware, this figure fell to 29% in the fourth quarter of 2023.

Proactive Security in Business Environments: Companies are reinforcing their defenses, making it harder for cybercriminals to gain access. Additionally, they have improved their incident recovery capabilities, allowing them to restore systems without relying on decryption tools provided by attackers, thus avoiding ransom payments.

Effective Law Enforcement Actions: International agencies have intensified efforts to dismantle ransomware groups. Operations against LockBit and BlackCat/ALPHV have disrupted their activities and enabled data recovery without the need to pay ransoms.

Government Awareness and Regulations: Governments, such as that of the UK, are considering banning public entities from making ransom payments and requiring that attacks be reported. These measures help reduce the financial incentive for cybercriminals.

Is This Trend Sustainable?

Although ransomware payouts have declined, attacks continue to pose a significant threat. Experts warn that while large groups are being dismantled, new, less experienced actors are emerging and going after smaller targets, especially small and medium-sized businesses.

  • An example is the ransomware group Phobos, accused of primarily attacking SMEs and other small entities, amassing around $16 million from over a thousand victims.
  • In the Balearic Islands, SMEs suffered approximately 1,500 cyberattacks last year, with average losses of €30,000 per company. The most common methods include phishing and ransomware attacks.

The drop in ransomware payments is a positive sign in the fight against cybercrime, but it should not lead to complacency.

Organizations must continue to implement effective backup strategies, monitor vulnerabilities, and strengthen their defenses to prevent these attacks.