Ransomware payments are falling as more victims refuse to pay


Posts: 7,453   +67
Staff member
In a nutshell: Ransomware remains a scourge, but there is some good news: the average payment amount made by victims fell in Q4 after spending more than a year rising drastically. The reason? Fewer companies are giving in to ransom demands.

Cybersecurity firm Coveware’s latest quarterly ransomware report shows that after continuously rising since Q3 2018, average ransomware payments fell 34 percent in the fourth quarter of last year to $154,108. Median ransomware payments, meanwhile, were down 55 percent to $49,450.

Generally, anyone who suffers a ransomware attack is advised not to hand over any crypto as it’s no guarantee perpetrators will hand over the encryption key. It seems more companies are heeding this advice.

Another reason behind the fall relates to ransomware attacks in which criminals threaten to release sensitive information if their demands aren’t met. Coveware writes that these made up 70 percent of all ransomware attacks in Q4, up from 50 percent during the previous quarter. It’s common for the data to be leaked online even when ransoms are paid, so fewer victims are giving in to the extortion.

In cases involving stolen data, just 60 percent of companies agreed to pay in Q4, down from 75 percent in Q3.

“Coveware continues to witness signs that stolen data is not deleted or purged after payment. Moreover, we are seeing groups take measures to fabricate data exfiltration in cases where it did not occur,” states the report.

Looking at ransomware attack vectors, email phishing has now surpassed Remote Desktop Protocol (RDP) compromise as the most popular, being behind more than 50 percent of all incidents in the fourth quarter. RDP compromises, which exploit leaked credentials, remain popular as employee usernames and passwords sell for as little as $50.

Professional services was the second-most-common industry targeted by ransomware criminals (16.3 percent), sitting behind health care (17.9 percent). Hospitals and health centers have long been a common target, since criminals assume they are more willing to pay up. With the pandemic already pushing these organizations to breaking point, ransomware attacks could potentially cost lives.

Masthead credit: Andrey_Popov



Uncle Al

Posts: 8,482   +7,322
I still think the most appropriate and effective way to deal with any of them is public execution after castration. Not only does it set a very real-world example, but it eliminates the problem from future abuses. Inasmuch as these events can cause genuine jeopardy for individuals, including loss of life, the punishment should be no less brutal, and the plea of "I didn't know" should be wholly rejected on the simple basis that ignorance is no excuse. Anyone capable of advanced computer techniques cannot plead ignorance when it is a matter of simple arrogance.


Posts: 1,025   +1,482
These are the scumbags that give crypto a bad reputation. It's good to see that the pandemic pivot to e-mail and remote work has given them less, rather than more, opportunity.


Posts: 2,538   +2,259
Why waste your time with Ransomware and crypto when you can rake in the cash scalping GPUs and CPUs?

The payout is much bigger and quicker if you get paid a ransom. However, the degree of difficulty is higher.

Big risk, bigger reward, as they say.

Most of the people scalping these GPUs still haven't made their money back, as they had to put up thousands of dollars up front to buy and then sell. This to me is a lot more tedious work.


Posts: 745   +181
I got stung by the "DeroHE" ransomware on the 16th.

Fortunately, I had about 75% of my data backed up (particularly my most important/sensitive data.)

As PO'd as I am, I'm not about to give my attackers any money to recover a few files.

Rot in Hell, bastards.


Posts: 7,009   +5,537
Death penalty for creation, distribution and extortion. When the potential for loss of life exists, then the penalty must be commensurate with the crime.
:rolleyes: Such an existing penalty does not stop people from murdering, does it? What makes you think that it will stop ransomware especially since it is very difficult to track the perp?

Jay Watt

Posts: 9   +7
TechSpot Elite
:rolleyes: Such an existing penalty does not stop people from murdering, does it? What makes you think that it will stop ransomware especially since it is very difficult to track the perp?

And if they are based in another country, that further complicates things. But I totally agree that stricter penalties and punitive measures should be enacted. Nipping these things at both ends makes sense to me.


Posts: 828   +969
:rolleyes: Such an existing penalty does not stop people from murdering, does it? What makes you think that it will stop ransomware especially since it is very difficult to track the perp?

Penalties never stop a crime, but they will most certainly cause a criminal to think deeper and therefore possibly DETER a crime if they decide it's not worth the risk. As it currently stands, NONE of these cyber criminals have respect for the law and, when they are caught, the penalties amount to a wrist slap.


Posts: 190   +47
I support death by lump noodles! Whip the bastards daily, non-stop: with wet soft noodles. See how long it takes them to starve to death.

As an alternative, we could always send them to Combat Zone Wrestling’s (CZW) annual Cage of Death tournament.
It’s already the most extreme of the “coronagraphs” aspect of wrestling.
I both wonder, and dreadfully fear, what would happen if the likes of New Jack, Nick Mondo, or Zandig himself were given a true match to the death against this like. Because we already know the wrestlers are far better at pain management, and far more sadistic.
Even better, pit them against the Queen of Hardcore Lufisto. That’s a lady that actually enjoys torturing fake wrestler fanboy wannabes.
Or Tanaka? How many chair-to-the-head shots does it take to make the brain fall out?
My gawd you want to torture someone just look up extreme wrestling.
Piranha match to the death anyone?

Honestly, the era of rolling backups is killing this scam method as is. Most companies have fairly good backups. All Apple users who don’t change default syncing are generally safe. And the YouTube market for revenge hacking is ripe.
They’re running out of viable targets, and current security software for Windows and *nix POSIX systems can stop a rogue encryption fairly quickly.

Doesn’t change the fact I’d pay $29.99 a week to watch them in a Hell in a Cell match vs Mick Foley or a CoD match. I’d just die watching one of those turds getting beaten to death with a barbed wire thumb tack baseball bat.
The internet-famous words of Jim Ross echo in my brain: “My God, he’s broken in half… He’s dead.”