Only 28% of ransomware attack-hit organizations have fulfilled their attackers' extortion demands during the first three months of 2024, which is the lowest on record, potentially due to increased protective measures and mounting legal concerns stemming from paying such demands, BleepingComputer reports.
Average ransom payments declined 32% quarter-over-quarter to $381,980 but median payments rose by 25% during the same period to $250,000, according to a report from Coveware, which noted the figures to potentially result from more modest ransom demands and/or a reduction in paying high-value targets.
Nearly half of all ransomware attacks during the first quarter have been attributed to unknown vectors but remote access and vulnerability exploitation were the next most popular vectors.
Meanwhile, Akira, BlackBasta, and LockBit 3.0 were the most prolific ransomware operations during the first quarter but many affiliates have decided to venture to independent operations or quit amid more robust law enforcement takedowns, researchers said.