Despite the catastrophic breakthroughs, ransom payments decreased significantly last year

But in reality, all of the law enforcement operations may have been more successful than it was. Alphv, after receiving a $ 22 million ransom from Change Healthcare, withdrew the so -called “exit fraud”, with money and disappeared instead of sharing it with the infiltrators partners who violated the change. Lockbit fell, too, to a large extent on the map in the months that followed the NCA removal process, and perhaps because of the underground e -mail, and its alleged leader, Dmitry Khoroshif, when it became clear that NCA had identified it. In May 2024, Khorushif was also approved by the US Treasury, making it legally complicated for Lockbit victims to pay a group ransom.

While the vacuum left by these main players in the ransom ecosystems was occupied by newer groups during the second half of 2024, many of them did not have skills or experience to pursue and defend large goals such as Lockbit and Alphv was, says Burns Coven. She says the result was a much smaller ransom payment, and often in tens of thousands of dollars instead of millions or tens of millions.

“Their talent is not just as strong as their ancestors,” says Burns Coven about the latest generation of ransom gangs. “We are witnessing these law enforcement waste, not only targeting individuals and malware of malware, but also infrastructure, tools and services that have been used to help perpetuate these attacks.”

Alan Lesca, an intelligence analyst that focused on Ransombers in the security company registered last year, says in fact, last year witnessed more ransom incidents more than the previous year. The company calculated 4,634 attacks in 2024 compared to 4400 in 2023. But the low ransom amounts received by the latest ransom groups indicate that they may have preferred the quantity over quality. “What we see in terms of payments is a reflection of the most recent threat representatives that attract the amount of money they see that you can one pound in Ransomwari, in an attempt to enter the game and not be very good.” .

In addition to the main law enforcement procedures at the beginning of 2024, Chainalysis is attributed to low payments during the second half of the year to increase global awareness of the threat of ransom programs, which leads to more defenses and response plans in governments and other institutions. Burns Koven adds that regulating cryptocurrency and suppression of law enforcement on money laundering infrastructure, including mixers that help criminals hide identity and the source of non -specialized cryptocurrencies.

While the decrease in payments during the second half of 2024 is important because it is the largest in the sequence data, the number of ransom attacks and the size of payments has fluctuated and decreased before. It is worth noting, the researchers witnessed a remarkable decrease in the activity in 2022, the year in which a series of total ransom payments was placed at $ 655 million compared to $ 1.07 billion in 2021 and about one billion dollars in 2020. Through work, Ransomware fell as a more threat. Plasticice in 2023, with a total of 1.25 billion dollars in the number of payments that year.