Declining Ransomware Payments: Shift in Hacker Tactics?

Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms.
It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean for ransomware tactics.
A couple of recent surveys and reports shed light on a decrease in ransomware payments.
One in particular from Coveware found that while 85% of ransomware victims paid the ransom in early 2019, that figure dropped to just 29% paying up by late 2023.
There's been a big push toward educating businesses and individuals about the risks of ransomware and the importance of cybersecurity hygiene.
Governments are opting for a harder stance against ransomware gangs by disrupting their operations in coordinated stings, sanctioning companies involved in ransom payments, and generally encouraging victims to report attacks rather than pay the ransom.
These actions together reduce the operational capabilities of ransomware gangs and make the ransomware business model less profitable.
On a related note, there's growing recognition that paying ransoms not only fuels the ransomware economy but also does not guarantee that data will be decrypted or that it won't be sold or leaked later.
It's a bit early to assume that ransomware gangs will disappear just because fewer companies pay up.
Here are some ways ransomware gangs' tactics might evolve in response to declining ransomware payment rates.
Given ransomware gangs' general lack of moral compass, an obvious potential evolution is for threat actors to more aggressively extort victims and increase the odds of getting paid.
Ransomware groups may spend more time researching and targeting specific industries or organizations they believe are more likely to pay.
Ransomware code is often straightforward for security researchers to reverse engineer and inspect what it does.
Modernizing ransomware code could involve several strategies aimed at improving the effectiveness, stealth and impact of attacks.
Another possible tactic is developing ransomware in more secure languages like Rust, making it harder to analyze how it behaves.
There could be an increase in attempts to recruit or exploit insiders to facilitate ransomware attacks and even increase the impetus to pay up.
While it's encouraging to see declining ransomware payments, this doesn't mean the threat is diminishing.
On the contrary, as ransomware gangs evolve their tactics and become more aggressive, the threat landscape becomes even more complex.
Modern ransomware can infiltrate individual endpoints and entire cloud infrastructures, which calls for a comprehensive and proactive approach to cybersecurity across endpoints, networks and cloud environments.
Nuspire's managed detection and response provides you with a team of dedicated cyber experts who monitor and respond 24/7 across your cloud, network and endpoints to stay one step ahead of ransomware attackers.


This Cyber News was published on securityboulevard.com. Publication date: Wed, 14 Feb 2024 01:43:03 +0000


Cyber News related to Declining Ransomware Payments: Shift in Hacker Tactics?

Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
10 months ago Securityboulevard.com
As Digital Payments Explode in Popularity, Cybercriminals are Taking Notice - With $54 trillion in payments flowing through the world's leading transaction avenues, the payments space is truly exploding. Traditional banks are moving full speed ahead in fulfilling consumer expectations for instant and easy digital payments by ...
11 months ago Cyberdefensemagazine.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Top 10 Notorious Ransomware Gangs of 2023 - By employing a multitude of advanced techniques like double extortion along with other illicit tactics, ransomware groups are continually evolving at a rapid pace. Here below, we have mentioned all the types of ransomware used by the threat actors ...
11 months ago Cybersecuritynews.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
11 months ago Unit42.paloaltonetworks.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
11 months ago Securityboulevard.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
11 months ago Feeds.fortinet.com
Anti-Ransomware Coalition Bound to Fail Without Key Adjustments - COMMENTARY. Ransomware is a pervasive issue affecting businesses of all sizes and industries, and the best way to respond remains hotly debated. While much fanfare coincided with the announcement of a US-led, 40-country coalition to collectively ...
11 months ago Darkreading.com
Dozens of countries will pledge to stop paying ransomware gangs - An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups. Addressing reporters on Monday, Anne Neuberger, ...
1 year ago Bleepingcomputer.com
Ransomware Payments Surpassed $1 Billion in 2023: Analysis - The payments made by victims of ransomware attacks doubled in 2023 compared to the previous year, exceeding $1 billion, according to blockchain analysis firm Chainalysis. The company has looked at the cryptocurrency wallets known to be used by ...
10 months ago Securityweek.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
11 months ago Bleepingcomputer.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
9 months ago Feeds.fortinet.com
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
10 months ago Malwarebytes.com
To tap or not to tap: Are NFC payments safer? - These cards required insertion into payment terminals and authentication with a PIN, marking a shift toward more secure transaction methods. These cards were still susceptible to cloning or information theft, though perpetrating such crimes was more ...
1 year ago Welivesecurity.com
Ransomware payment ban: Wrong idea at the wrong time The Register - Opinion A general ban on ransomware payments, as was floated by some this week, sounds like a good idea. This is because a payment ban would inevitably have to include an exception for incidents where not paying the ransom poses a serious risk of ...
11 months ago Go.theregister.com
Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware - The Cisco Talos Year in Review report released Tuesday highlights new trends in the cybersecurity threat landscape. We'll focus on three topics covered: the ransomware cybercriminal ecosystem, network infrastructure attacks and commodity loader ...
1 year ago Techrepublic.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
10 months ago Feeds.fortinet.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
7 months ago Bleepingcomputer.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
10 months ago Bleepingcomputer.com
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
11 months ago Bleepingcomputer.com
How ransomware gangs are engaging - As ransomware gangs continue to market themselves as legitimate businesses complete with customer service representatives, new research from Sophos showed that threat actors are expanding public relations efforts to further pressure victims into ...
1 year ago Techtarget.com
The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
1 year ago Bleepingcomputer.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
5 months ago Securityweek.com
Accepting Ethereum for Businesses, An Overview - For a business looking to stay ahead of the curve, opting to accept Ethereum payments could be the key to unlocking a new world of opportunities. Accepting Ethereum payments offers businesses global market reach, cost-effectiveness, privacy and ...
10 months ago Hackread.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)