Open Forum

Ransomware attacks have been one of the biggest cyber threats in recent years, with criminals demanding millions from businesses, hospitals, schools, and even local governments. However, 2024 brought some unexpected news: ransomware groups made significantly less money than in previous years.

According to blockchain analysis firm Chainalysis, ransomware payments in 2024 dropped to around $813.55 million, down from $1.25 billion in 2023 and $1.07 billion in 2021. This decline suggests that fewer victims are paying up, which could mean cybercriminals are losing their grip.

The decline is attributed to several factors. Firstly, many organizations have improved their cybersecurity measures, making it harder for attackers to infiltrate systems. Regular data backups and better incident response plans have enabled companies to restore their operations without paying ransoms. Additionally, increased law enforcement actions have disrupted the operations of several prominent ransomware groups, further contributing to the decrease in successful attacks.

Despite the overall decline in payments, the number of ransomware incidents actually increased in 2024. This suggests that while attackers are still active, their success rate in extorting money has diminished. Some experts worry that cybercriminals may shift their tactics, such as demanding smaller but more frequent ransoms or targeting individuals instead of companies. This is troubling news for smaller businesses. Ransomware historically started in the personal and SMB markets and shifted where the money is. If those dynamics change, the smaller companies need to be more focused on resiliency.

You can still take steps to protect from ransomware and other cyber threats:

• Back up your important files regularly so you won't lose them in an attack
• Keep your software and antivirus programs updated to fix security flaws
• Use strong, unique passwords for different accounts, and enable two-factor authentication
• Be cautious of unexpected emails, links, and attachments, as they could be phishing attempts
• If you're hit with ransomware, don't pay the ransom-instead, seek help from cybersecurity experts

#ALTACyber

------------------------------
Genady Vishnevetsky
Chief Info Security Officer
Stewart Title Guaranty Company
Houston TX
------------------------------

Genady;

I greatly appreciate your valuable insights and expertise. A colleague of ours experienced a similar situation about four or five years ago, which turned into a significant ordeal for her. The hackers demanded a ransom of $100,000, and although she chose not to pay, the process of recovering her data was extremely labor-intensive and complex. 

She said the return of her data was like assembling an IKEA furniture set, as she had to piece everything back together herself.

------------------------------
Mary Enzi CAA
Tax Solutions – FIRPTA Consulting
[email protected]
+1 (281) 578-1040
Katy TX
------------------------------

Original Message:
Sent: 02-21-2025 09:07
From: Genady Vishnevetsky
Subject: Security BUZZ - Ransomeware: welcomed news, but keep your guards up

Ransomware attacks have been one of the biggest cyber threats in recent years, with criminals demanding millions from businesses, hospitals, schools, and even local governments. However, 2024 brought some unexpected news: ransomware groups made significantly less money than in previous years.

According to blockchain analysis firm Chainalysis, ransomware payments in 2024 dropped to around $813.55 million, down from $1.25 billion in 2023 and $1.07 billion in 2021. This decline suggests that fewer victims are paying up, which could mean cybercriminals are losing their grip.

The decline is attributed to several factors. Firstly, many organizations have improved their cybersecurity measures, making it harder for attackers to infiltrate systems. Regular data backups and better incident response plans have enabled companies to restore their operations without paying ransoms. Additionally, increased law enforcement actions have disrupted the operations of several prominent ransomware groups, further contributing to the decrease in successful attacks.

Despite the overall decline in payments, the number of ransomware incidents actually increased in 2024. This suggests that while attackers are still active, their success rate in extorting money has diminished. Some experts worry that cybercriminals may shift their tactics, such as demanding smaller but more frequent ransoms or targeting individuals instead of companies. This is troubling news for smaller businesses. Ransomware historically started in the personal and SMB markets and shifted where the money is. If those dynamics change, the smaller companies need to be more focused on resiliency.

You can still take steps to protect from ransomware and other cyber threats:

• Back up your important files regularly so you won't lose them in an attack
• Keep your software and antivirus programs updated to fix security flaws
• Use strong, unique passwords for different accounts, and enable two-factor authentication
• Be cautious of unexpected emails, links, and attachments, as they could be phishing attempts
• If you're hit with ransomware, don't pay the ransom-instead, seek help from cybersecurity experts

#ALTACyber

------------------------------
Genady Vishnevetsky
Chief Info Security Officer
Stewart Title Guaranty Company
Houston TX
------------------------------