Coveware Blog - Ransomware

In Q3 2024 Law enforcement actions disrupted infrastructure and publicized the identity of several prolific ransomware threat actors

Unaffiliated ‘lone wolf’ threat actors carry out a greater share of attacks as they attempt to obfuscate their identity in Q2 2024.

RaaS developers were caught cheating their affiliates, shaking the trust in the RaaS model following several high profile law enforcement actions.

A lower percentage of ransomware victims are paying, as new regulations begin to elicit more and more public disclosure of ransomware incidents.

In Q3 2023 a series of ransomware attacks by similar threat actors created headlines and blurred the lines of attribution.

As ransomware affiliates are paid less frequently, they have adapted their strategies to compensate for the shifting dynamics of cyber extortion.

Ransomware threat actors are moving back up-market in search of lost profits as the cyber extortion economy seeks to halt its contraction. 

Only 37% of ransomware victims paid a ransom in Q4, a record low as security and backup continuity investments pay off.

The conviction of a high profile security executive who paid to suppress a data leak has created a new dimension of risk for security executives.

Ransomware actors became more fluid in Q2 2022 as attribution becomes harder, and fewer victims succumb to paying cyber criminals.

During a recent HSGAC hearing, Coveware had the opportunity to provide testimony on how ransomware attacks are impacting US companies, and the importance mandatory reporting.

Less Victims of Ransomware are Paying, even as Cybercriminals Shift from Big Game to Big Shame Hunting

The long term impact of sanctions on Russian unemployment has the potential to increase the volume of future Ransomware attacks.

Ransomware as a service groups are shifting their tactics as enterprises become harder targets, and law enforcement pressure mounts.

As the Ransomware attacks continue, the direction and growth of the RaaS model is following a traditional innovation trajectory.

Ransomware attacks continued to proliferate in Q3 as governments and law enforcement ratchet up the pressure of the cyber extortion economy

Ransomware payment amounts declined in Q2 as several high profile attacks escalated the attention of the US government and law enforcement.

Ransomware Actors Explain in their Own Words How to Become an Expensive Target through security reports written to victims.

Ransomware attacks continued to proliferate in Q1 2021 as several common but unpatched software vulnerabilities created a fresh supply of compromised network access to ransomware affiliates.

See how doxxing victims are distributed across industries, company sizes, and revenue tiers. Find Coveware’s data and analysis on doxxing trends in Q4.