Ransomware Payments Declined in 2024 Despite Massive Well-Known Hacks

Ransomware Payments Decline in 2024, But Experts Warn Against Complacency

While the decline in payments during the second half of 2024 is significant, the number of ransomware attacks and the volume of payments have fluctuated and declined before. Notably, researchers saw a marked decrease in activity in 2022, a year in which Chainalysis placed total ransomware payments at $655 million compared to $1.07 billion in 2021 and nearly $1 billion in 2020.

A Historical Context

But while governments and defenders were initially heartened that their deterrence efforts were working, ransomware surged back as an even more dire threat in 2023, totaling, by Chainalysis’ count, $1.25 billion in payments that year.

Experts Weigh In

“I think ebbs and flows are inevitable,” says Brett Callow, a managing director at FTI Consulting and longtime ransomware researcher. “If the baddies had a couple of brilliant quarters, a dip will follow, same as if the goodies had some good quarters. That’s why we really need to analyze trends over a longer period, because increases and decreases over shorter periods don’t really tell us much.”

Challenges in Tracking Ransomware

Researchers have long warned that it is difficult to get truly reliable numbers about the volume of ransomware attacks and an accurate total of payments each year. This is partly the result of attackers attempting to inflate their records and make themselves seem more effective and menacing by claiming old data breaches as new attacks or simply making up attacks that they haven’t actually carried out. And it is always difficult to get accurate numbers about ransomware (not to mention digital scams more broadly), because stigma and regulatory requirements often keep victims from coming forward. This makes ransomware forecasting more of an art than a science.

Conclusion

While the decline in ransomware payments is a positive trend, experts warn against complacency. The data point is useful for making the case that sustained investment in ransomware defense is worthwhile, but it is not a guarantee of future reductions in ransomware attacks. As Burns Koven, a researcher at Chainalysis, emphasizes, “We’re still standing in the rubble, right? We can’t go tell everyone, everything’s great, we solved ransomware—they’re continuing to go after schools, after hospitals and critical infrastructure.” The decline in ransomware payments is a signal of which work needs to continue.

FAQs

Q: Is the decline in ransomware payments a guarantee of future reductions in ransomware attacks?
A: No, experts warn against complacency and emphasize that the decline is not a guarantee of future reductions in ransomware attacks.

Q: Why is it difficult to get accurate numbers about ransomware?
A: It is difficult to get accurate numbers about ransomware because attackers attempt to inflate their records, and victims often keep silent due to stigma and regulatory requirements.

Q: What does the decline in ransomware payments mean for defenders?
A: The data point is useful for making the case that sustained investment in ransomware defense is worthwhile, but it is not a guarantee of future reductions in ransomware attacks.