Ransom funds fall as fewer victims select to pay hackers


Ransomware statistics from the second quarter of the yr present that the ransoms paid to extortionists have dropped in worth, a development that continues because the final quarter of 2021.

Ransomware remediation agency Coveware has revealed a report as we speak with ransomware knowledge from the second quarter of 2022 displaying that though the typical cost elevated, the median worth recorded a big drop.

Funds down

In Q2 2022, the typical ransom cost was $228,125 (up by 8% from Q1 ‘22). Nonetheless, the median ransom cost was $36,360, a steep fall of 51% in comparison with the earlier quarter.

This continues a downward development since This autumn 2021, which represented a peak in ransomware funds each common ($332,168) and median ($117,116).

Ransom payment trends
Ransom cost traits from 2018 to 2022 (Coveware)

“This development displays the shift of RaaS associates and builders in the direction of the mid-market the place the chance to reward profile of assault is extra constant and fewer dangerous than excessive profile assaults,” feedback Coveware within the report.

“We have now additionally seen an encouraging development amongst massive organizations refusing to contemplate negotiations when ransomware teams demand impossibly excessive ransom quantities.”

The median measurement of the businesses focused this quarter dropped even additional, with the actors on the lookout for smaller but financially wholesome organizations to disrupt, the corporate says.

Size of organizations targeted by ransomware gangs
Dimension of organizations focused by ransomware gangs (Coveware)

By way of probably the most lively ransomware teams over the previous quarter, statistics that Coveware collected present that BlackCat tops the record with 16.9% of the revealed assaults, adopted by LockBit, which accounted for 13.1%.

Most active ransomware families in Q2 2022
Most lively ransomware households in Q2 2022 (Coveware)

One other new development noticed by Coveware is the creation of many smaller ransomware-as-a-service (RaaS) operations that draw associates from not too long ago defunct syndicates and carry out lower-tier, opportunistic assaults.

Knowledge exfiltration

The double extortion technique, which threatens with leaking recordsdata stolen earlier than being encrypted, continued this quarter as 86% of the reported instances concerned this tactic.

Coveware underlines that in lots of instances, regardless of receiving the ransom cost, the menace actors continued the extortion or leaked the stolen recordsdata anyway.

In a number of instances, knowledge exfiltration was the primary extortion technique for a lot of attackers, which means that lots of the incidents didn’t contain file encryption.

This resulted within the common downtime from ransomware assaults dropping to 24 days, an 8% lower in comparison with Q1 2022.

Leave a Comment