April 21, 2024 at 11:52AM
Coveware’s report reveals a record low of 28% of companies paying ransom in Q1 2024. Although the payment rate has decreased, the total amount paid to ransomware actors reached $1.1 billion last year. Remote access and vulnerability exploitation are key infiltration methods, with law enforcement operations impacting ransomware affiliates. Akira remains the most active ransomware group.
Certainly, here are the key takeaways from the meeting notes:
1. Payment rates for ransomware attacks have decreased, with only 28% of companies paying ransom in Q1 2024, down from 29% in Q4 2023. This is attributed to companies implementing more advanced protective measures and legal pressure not to meet the extortion demands.
2. Despite the decrease in payment rate, the total amount paid to ransomware actors has reached a record high of $1.1 billion in 2023, due to ransomware gangs hitting more organizations and demanding higher ransom amounts.
3. In Q1 2024, there was a 32% QoQ drop in the average ransom payment, now at $381,980, and a 25% QoQ increase in the median ransom payment, which stands at $250,000, indicating a shift towards more moderate payment amounts.
4. The primary methods of initial infiltration for ransomware attacks include remote access and vulnerability exploitation, with specific vulnerabilities being widely exploited by ransomware operators in Q1 2024.
5. Law enforcement operations, such as the FBI’s LockBit disruption, have impacted the operations of ransomware groups, leading to payment disputes, exit scams, and a decrease in confidence of ransomware affiliates towards RaaS operators.
6. There are indications that affiliates, in many cases, have decided to quit cybercrime altogether due to increased risk and decreased income opportunities.
7. Akira remains the most active ransomware group, having launched attacks in at least 250 organizations in the first quarter of 2024 and pocketing $42 million in ransom payments.
I hope these takeaways accurately capture the key points from the meeting notes. If there’s anything else you need, please feel free to ask.