Ransomware is (slightly) on the decline, cyber insurance company claims

Ransomware is (slightly) on the decline, cyber insurance company claims

While ransomware attacks remain highly dangerous, data from a prominent insurer suggests that their frequency and severity is beginning to decline.

Credit: Dreamstime

Ransomware attacks began to become both less common and less costly in the first half of 2022, as payments to attackers and the number of attacks that resulted in paid ransoms both shrank, according to new data released today by cyber insurance company Coalition.

After increasing sharply at the outset of the pandemic, the frequency of ransomware claims made by Coalition policyholders shrank sharply during the first six months of the year, dropping from a peak of 0.66 per cent of all policyholders in the second half of last year to 0.41 per cent in early 2022 — a figure lower than the initial 0.44 per cent seen in 2020’s second half, when the COVID crisis was at its height.

Part of the reason for this decline, according to the Coalition report, is the growing prevalence of offline back-up systems at major companies, which means that more ransomware targets can simply restore their data without having to engage with their attackers. 

Additionally, the company said, outside sources like recovery services provider Coveware and Verizon indicate that the average size of a ransomware payoff has declined precipitously in recent months.

Strategy of ransomware groups evolve

It's important to note, however, that the organised groups behind many of the most prominent ransomware attacks have constantly evolving strategies, Coalition said.

“Over the last three years, cyber attacks have evolved into a viable criminal business model with threat actor groups such as ContiLockbit, and Hive continuing to make headlines,” the report said.

Moreover, one of those evolutions seems to be a shift toward targeting smaller businesses, which are often less able to cope with the consequences of ransomware attacks. The average cost of a cyber incident claim for a small business in the first half of 2022 was $139,000 — a hefty sum for a small company.

“Cyber incidents have the power to put very small organisations out of business,” Coalition warned.

Gartner senior director analyst Jon Amato agreed that, while ransomware is somewhat in decline, it remains a “profit center” for cyber criminals, and is still a critical danger to vulnerable organisations.

“Tamper-resistant back-ups and better detection methods have helped here, as have legislative solutions banning or strictly regulating ransom payment,” he said. “In addition, many organisations (both in the public and private sectors) have simply taken the position that they will not pay under any circumstances.”

Amato noted that related attack techniques, which don’t rely on completely locking victims out of their systems, can be more difficult to deter with purely technical solutions.

“For example, data exfiltration and the threat of sensitive data disclosure is becoming an increasingly prevalent attack technique, which can in some cases make having good backups and recovery processes irrelevant to the pay/no-pay decision,” he said.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cyber securityransomware



Join key decision-makers within Environmental, Social, and Governance (ESG) that have the power to affect real change and drive sustainable practices. SustainTech will bridge the gap between ambition and tangible action, promoting strategies that attendees can use in their day-to-day operations within their business.

EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.


ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Show Comments