Misleading Metrics: Unraveling Ransom Payment Statistics in Australia

A recent Australian Financial Review (AFR) article contained statistics about ransomware payment trends that require some deeper inspection.

Bill SiegelDecember 3, 2024

Law enforcement doxxing raises risk profile for threat actors

In Q3 2024 Law enforcement actions disrupted infrastructure and publicized the identity of several prolific ransomware threat actors

Bill SiegelNovember 1, 2024Quarterly Report

Ransomware actors pivot away from major brands in Q2 2024

Unaffiliated ‘lone wolf’ threat actors carry out a greater share of attacks as they attempt to obfuscate their identity in Q2 2024.

Bill SiegelJuly 30, 2024Quarterly Report

RaaS devs hurt their credibility by cheating affiliates in Q1 2024

RaaS developers were caught cheating their affiliates, shaking the trust in the RaaS model following several high profile law enforcement actions.

Bill SiegelApril 17, 2024Quarterly Report

New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying

A lower percentage of ransomware victims are paying, as new regulations begin to elicit more and more public disclosure of ransomware incidents.

Bill SiegelJanuary 26, 2024Quarterly Report

Scattered Ransomware Attribution Blurs Focus on IR Fundamentals

In Q3 2023 a series of ransomware attacks by similar threat actors created headlines and blurred the lines of attribution.

Bill SiegelOctober 30, 2023Quarterly Report

Ransom Monetization Rates Fall to Record Low Despite Jump In Average Ransom Payments

As ransomware affiliates are paid less frequently, they have adapted their strategies to compensate for the shifting dynamics of cyber extortion.

Bill SiegelJuly 21, 2023Quarterly Report

Big Game Hunting is back despite decreasing Ransom Payment Amounts

Ransomware threat actors are moving back up-market in search of lost profits as the cyber extortion economy seeks to halt its contraction.

Bill SiegelApril 28, 2023Quarterly Report

Improved Security and Backups Result in Record Low Number of Ransomware Payments

Only 37% of ransomware victims paid a ransom in Q4, a record low as security and backup continuity investments pay off.

Bill SiegelJanuary 20, 2023Quarterly Report

Uber Verdict Raises New Risks for Ransom Payments

The conviction of a high profile security executive who paid to suppress a data leak has created a new dimension of risk for security executives.

Bill SiegelOctober 26, 2022Quarterly Report

Fewer Ransomware Victims Pay, as Median Ransom Falls in Q2 2022

Ransomware actors became more fluid in Q2 2022 as attribution becomes harder, and fewer victims succumb to paying cyber criminals.

Bill SiegelJuly 28, 2022Quarterly Report

HSGAC Hearing Recap: Ransomware Attacks and Ransom Payments Enabled by Cryptocurrency

During a recent HSGAC hearing, Coveware had the opportunity to provide testimony on how ransomware attacks are impacting US companies, and the importance mandatory reporting.

Bill SiegelJune 14, 2022

Ransomware Threat Actors Pivot from Big Game to Big Shame Hunting

Less Victims of Ransomware are Paying, even as Cybercriminals Shift from Big Game to Big Shame Hunting

Bill SiegelMay 3, 2022Quarterly Report

How the Russian/Ukraine war may lead to an explosion in Ransomware attacks

The long term impact of sanctions on Russian unemployment has the potential to increase the volume of future Ransomware attacks.

Bill SiegelMarch 25, 2022

Law enforcement pressure forces ransomware groups to refine tactics in Q4 2021

Ransomware as a service groups are shifting their tactics as enterprises become harder targets, and law enforcement pressure mounts.

Bill SiegelFebruary 3, 2022Quarterly Report

Ransomware as a Service Innovation Curve

As the Ransomware attacks continue, the direction and growth of the RaaS model is following a traditional innovation trajectory.

Bill SiegelJanuary 27, 2022

Ransomware attackers down shift to 'Mid-Game' hunting in Q3 2021

Ransomware attacks continued to proliferate in Q3 as governments and law enforcement ratchet up the pressure of the cyber extortion economy

Bill SiegelOctober 21, 2021Quarterly Report

Q2 Ransom Payment Amounts Decline as Ransomware becomes a National Security Priority

Ransomware payment amounts declined in Q2 as several high profile attacks escalated the attention of the US government and law enforcement.

Bill SiegelJuly 23, 2021Quarterly Report

What We Can Learn From Ransomware Actor "Security Reports"

Ransomware Actors Explain in their Own Words How to Become an Expensive Target through security reports written to victims.

Bill SiegelJune 24, 2021

Ransomware Attack Vectors Shift as New Software Vulnerability Exploits Abound

Ransomware attacks continued to proliferate in Q1 2021 as several common but unpatched software vulnerabilities created a fresh supply of compromised network access to ransomware affiliates.

Bill SiegelApril 26, 2021Quarterly Report

Ransomware Recovery Blog