Recent law enforcement actions against major ransomware gangs AlphV and Lockbit may have had more success than initially perceived. Post-takedown, AlphV executed an exit scam after collecting a $22 million ransom from Change Healthcare, leaving its partners in the dark. Lockbit's downfall was exacerbated by the identification of its leader, Dmitry Khoroshev, leading to U.S. sanctions. The resulting vacuum in the ransomware ecosystem gave rise to less capable groups, which, while increasing incidents in 2024, struggled to secure larger ransoms, reflecting a shift towards quantity over quality in attacks.
AlphV and Lockbit, though hit by law enforcement, still managed to exploit the ransomware landscape, resulting in a notable change in ransom dynamics.
The emergence of new ransomware groups post-takedown led to a decline in larger ransom payments, with newer actors lacking the skills of their predecessors.
The 2024 ransomware incident rates were higher than 2023, despite lower overall ransom amounts due to newer actors prioritizing frequency over larger payouts.
Law enforcement efforts have disrupted major ransomware players, leading to a significant reduction in the effectiveness of ransom demands by emerging groups.
Collection
[
|
...
]