
Good News: Ransomware Payments Are Down. Bad News? Attacks Are Up.

I covered a lot of market data yesterday, and there’s a significant bit of security data to look at today.

Ransomware payments have experienced a significant decline, with victims paying around $814 million in cryptocurrency in 2024, reflecting a 35 percent drop from the record-setting $1.25 billion in 2023, according to new data from Chainalysis. The second half of 2024 saw an even sharper slowdown, as ransomware payments decreased after July. This decline is due to law enforcement’s disruption of several notable ransomware gangs, including LockBit and BlackCat. Moreover, many victims are increasingly refusing to pay, likely due to improved data backups and enhanced cybersecurity practices. Despite the reduction in payments, the number of reported ransomware incidents on dark-web leak sites has reached an all-time high, indicating that while attackers are targeting more victims, fewer are complying with ransom demands.

In 2024, hackers became more efficient and sophisticated, targeting businesses of all sizes, according to the Huntress 2025 Cyber Threat Report. The report reveals that the gap in attack sophistication between large and small businesses has nearly disappeared, with advanced evasion techniques becoming common. Ransomware groups, including Lynx and Akira, are employing high payout strategies to drive a significant increase in attacks, with incidents from these groups rising by nearly 16 percent compared to the previous year. Notably, the education, healthcare, and technology sectors were the primary targets, with education accounting for 21 percent of all attacks. The report highlights that automated tools played a role in 87 percent of attacks.

The adoption rate of the Domain-based Message Authentication, Reporting, and Conformance standard, known as DMARC, has doubled following mandates from Google and Yahoo for bulk email senders to implement it. This change began in February 2024, resulting in approximately 2.3 million domains now utilizing DMARC, though around 87% of domains still lack a record. The latest Payment Card Industry Data Security Standard has made DMARC mandatory for organizations handling credit card information, underscoring the growing regulatory push for enhanced email security.

A new report from KnowBe4 reveals that the average cost of a data breach surged to nearly five million dollars in 2024. Significant increases in claim severity were noted in regions such as the United States, the Middle East, and Europe.

Why do we care?

The 35% decline in ransomware payments suggests that global law enforcement actions against major groups like LockBit and BlackCat are having an impact. However, the rise in reported incidents on leak sites shows that attackers are still active—just not always getting paid. 

I need to say this – DMARC isn’t working. 87% of domains still lack implementation? Shouting about it isn’t moving the needle.

It’s obvious that cybersecurity is a need. The key is finding the appropriate balance for customers to stay just far enough ahead that most criminals move on, and to have strong data backup strategies, rapid incident response, and robust employee training.