Finally some good news from the ransomware front! Despite bad actors launching a number of ransomware campaigns throughout 2022, organizations refused to submit and paid criminals an estimated $456.8 million - 40% less than the astounding total of $765 million in ransom payments from 2020 and 2021.
According to blockchain analytics company Chainalysis, this decline is not attributed to fewer attacks but rather to victims taking a stand against extortionists.
In a trend that has emerged since 2019, an increasing number of ransomware victims are refusing to pay the extortion demands imposed by threat actors. According to cyber-intelligence firm Coveware, this is shown in their data which demonstrates a consistently declining rate of victim payments. This is the trend Coveware reported:
You see this remarkable shift has occurred in how ransomware victims have responded to being infected. In 2019, an overwhelming majority of 76% decided to pay the ransom. However, by 2022 that number drastically dropped down to 41%. Evidently many people are now taking measures beforehand or finding alternate solutions after falling victim instead of giving in to extortioners' demands and paying up. This very encouraging change can likely be attributed to three causes:
Victims acknowledge that paying the ransom does not ensure they'll regain access to their files, and so they simply don't pay up.
In contrast with earlier times, now there is a more mature understanding of ransomware attacks – so much so that data leaks from these assaults no longer significantly harm the reputation of an organization.
Organizations are increasingly adhering to better backup strategies enabling them to restore systems in case of any attack on their IT infrastructure.
Average Ransomware Lifespan Decreases Significantly
2022 was one of the most active years in ransomware activity, with thousands of file-encrypting malware strains targeting organizations of all sizes. However, likely due to diminishing profits, among other reasons, the average ransomware lifespan dropped from 153 days in 2021 to just 70 days in 2022.
Regardless, this is NOT a statistic you want to be apart of. Take the first step to securing your organization and book a 15-minute high-level discovery call.
Book directly HERE
Credit: Stu Sjouwerman, Our partner at KnowBe4