Ransomware Payments Drop as Law Enforcement Disrupts Criminal Networks

A recent report from Chainalysis reveals a significant decline in ransomware payments, marking the first drop in years. The total amount paid to cybercriminals fell from $1.25 billion to $812.55 million in 2024, a decrease of about 35%.

 

Jackie Burns Koven, head of cyberthreat intelligence at Chainalysis, noted that the first half of the year suggested record-breaking payments, but a sharp decline followed. This shift coincided with law enforcement crackdowns on major ransomware groups, particularly LockBit and AlphV/BlackCat, which were dismantled or disrupted.

 

“These groups no longer exist,” Koven said. “Authorities have sent a clear message—if you draw too much attention, you’re a target.”

 

The FBI, UK’s National Crime Agency, and other agencies have been actively targeting ransomware-as-a-service operators, making it harder for criminal groups to organize. Laura Galante, a former U.S. intelligence official, said these efforts have forced ransomware gangs into disarray.

 

Beyond law enforcement actions, businesses are increasingly refusing to pay ransoms. Koven noted that victims now recognize that paying doesn’t guarantee stolen data will be deleted, reducing their incentive to comply with attackers’ demands.

 

Despite the decline, ransomware remains a serious issue. Attacks have continued against hospitals, energy companies, and government agencies.

 

“It’s too soon to celebrate,” Koven warned. “Cybercriminals will adapt, and new threats will emerge.”

 

While the drop in payments is a positive sign, experts stress the need for continued vigilance and stronger cybersecurity measures to prevent a resurgence.