Ransomware attacks witnessed significant shifts in 2024, with cybercrime groups collecting $813.5 million, down from $1.25 billion in 2023. The first half of 2024 accounted for $459.8 million, followed by a 3.94% decline in payment activity post-July.

Despite recording the highest volume of annual ransomware cases since 2021 with 5,263 attacks (15% increase), fewer victims opted to pay ransoms. This trend emerged following the dissolution of major players like LockBit and BlackCat, leading to a fragmented ecosystem with numerous newcomers targeting smaller organizations.

Key Statistics:
– Average ransomware payment (Q4 2024): $553,959
– Median payment: Dropped 45% to $110,890
– Industrial sector: 27% of all attacks (1,424 cases)
– North America: 55% of global attacks

Prominent Ransomware Variants:
– Akira and Fog (11% each)
– RansomHub (8%)
– Medusa and BlackSuit (5% each)
– BianLian and Black Basta (4% each)
– Lone wolf actors (8%)

New emerging threats include Arcus Media, Cloak, HellCat, Nnice, NotLockBit, WantToCry, and Windows Locker. The decline in payments is attributed to increased law enforcement success, unreliable decryption tools, and growing distrust in threat actors’ reliability.