Record-Breaking Ransomware: 2024 on Pace to Surpass $1 Billion in Payouts

August 20, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS
Despite an Alarming Surge in Ransom Amounts, a Glimmer of Hope Emerges as Fewer Victims Opt to Pay.

2024 is shaping up to be a watershed year in the history of ransomware, with the financial impact of these attacks poised to surpass all previous records, according to report by Chainalysis.

Last year, ransomware set a staggering precedent, with over $1 billion in ransoms paid, driven by high-profile incidents such as the Cl0p group’s exploitation of the MoveIT vulnerability and the ALPHV/BlackCat ransomware gang’s attack on Caesars Entertainment, which resulted in a $15 million payout. Despite significant law enforcement efforts targeting ransomware infrastructure, the problem has only worsened.

As of mid-2024, cumulative ransomware payments have reached $459.8 million, slightly outpacing last year’s figures at the same time. According to Andrew Davis, General Counsel at Kiva Consulting, ransomware activity remains robust, with new and existing groups employing increasingly sophisticated tactics. “Whether it be former affiliates of well-known operations or new players, the threat landscape is evolving, with more advanced methods for initial access and lateral movement,” says Davis.

In one of our previous blogs, we had written how US-based Ascension, with 140 hospitals across 19 states and D.C., made headlines due to a crippling cyberattack. The ransomware attack, detected on May 8, disrupted critical systems including EHRs, the MyChart platform, and medication and test-ordering systems.

Also read: Understanding Ransomware Security

Ransom Demands Soar

According to the report a particularly alarming trend is the sharp increase in the size of ransoms demanded.

The largest ransom paid in 2024 so far stands at a staggering $75 million, paid to a group known as Dark Angels. This represents a 96% increase from the previous year’s maximum payment and a jaw-dropping 335% rise from 2022. Furthermore, it’s not just the outlier payments that are growing—the median ransom size for the most severe attacks has skyrocketed from $198,939 in early 2023 to $1.5 million by mid-2024, a nearly eightfold increase in just 18 months.

Picture1 63 Sats Cybersecurity India
The Expanding Scope of Ransomware Targets

Ransomware is no longer just an issue for large corporations. The data indicates a growing trend in attacks targeting larger businesses and critical infrastructure providers, which have deeper pockets and are more likely to pay large ransoms due to the systemic importance of their operations. These organizations are increasingly falling victim to “very high severity” ransomware strains, which now command multimillion-dollar payouts.

Adding to the concerns is the frequency of attacks, which has risen by 10% so far in 2024, according to statistics from eCrime.ch. This uptick in attacks is compounded by the increasing sophistication of ransomware groups, making the cyber threat landscape more perilous than ever.

A Glimmer of Hope: Fewer Ransom Payments

Amid the growing financial toll and frequency of ransomware attacks, there is a silver lining.

Data suggests that victims are less frequently paying ransoms, a trend that could indicate improved preparedness and resilience among targeted organizations. While the number of attacks posted to ransomware leak sites has increased by 10% year-over-year, the actual on-chain payment events have decreased by 27.29%. This divergence suggests that while attacks are on the rise, fewer victims are choosing to pay, possibly due to better cybersecurity defenses or more effective incident response strategies.

Editorial opinion:

As 2024 progresses, ransomware is evolving both in scope and scale, with increasingly severe financial consequences. However, the decline in ransom payments offers a glimmer of hope that organizations are becoming more resilient and better equipped to withstand these attacks.

Moving forward, continued vigilance, enhanced cybersecurity measures, and robust incident response planning will be crucial in countering the relentless tide of ransomware.