In the first half of 2024, ransomware payments have surged to an astonishing $459.8 million, setting the stage for a potential record-breaking year if the current pace continues. This marks a slight increase from the same period in 2023, where ransomware payments totaled $449.1 million, leading to a record $1.1 billion by year’s end.
Despite significant law enforcement efforts that disrupted major ransomware-as-a-service (RaaS) operations like LockBit, the ransomware industry continues to thrive.
According to a recent report, this growth is largely driven by cybercriminals who are focusing on extracting larger sums from their victims. These attackers are increasingly targeting large organizations, causing severe disruptions and stealing customers’ personal information to demand hefty ransoms.
The report highlights that 2024 is on track to become the highest-grossing year for ransomware payments, with fewer attacks but much larger payouts. Notably, this year saw the largest ransomware payment ever recorded—approximately $75 million—paid to the Dark Angels ransomware group.
While the identity of the victim remains undisclosed, it’s reported that the payment was made by a Fortune 50 company following an early 2024 attack.
A clear sign of ransomware actors targeting bigger organizations is the significant rise in the median ransom payment, which has skyrocketed from under $199,000 in early 2023 to $1.5 million by June 2024.
The report also notes a 10% year-over-year increase in confirmed ransomware attacks in 2024, as tracked by cybersecurity intelligence sources. Similarly, the number of victims listed on dark web extortion portals has also risen.
Interestingly, while ransomware attacks are becoming more severe, fewer organizations are giving in to extortion demands. The overall number of ransomware payment events has decreased by 27.27% year-over-year, continuing a trend where more companies are resisting the pressure to pay ransoms. This aligns with earlier findings, showing that ransom payment rates hit a record low of just 28% in the first quarter of this year.
To combat the growing threat of ransomware, organizations must prioritize robust cybersecurity measures, including regular data backups, employee training, and the deployment of advanced threat detection systems. Investing in these preventive strategies can reduce the likelihood of falling victim to ransomware attacks and help avoid the costly consequences of paying ransoms. Additionally, companies should establish a comprehensive incident response plan to quickly address and mitigate any potential breaches.