Ethical Hacking News
A new report by the Financial Crimes Enforcement Network reveals that ransomware gangs earned over $2.1 billion from January 2022 to December 2024, but law enforcement operations have led to a significant decrease in attacks and earnings.
The number of ransomware incidents decreased from 1,512 in 2023 to 1,476 in 2024.Ransom payments also decreased from $1.1 billion in 2023 to $734 million in 2024.Law enforcement operations targeting BlackCat and LockBit contributed to the decline in ransomware attacks.Financial institutions reported the most significant dollar losses, followed by healthcare and manufacturing.The majority of ransomware gangs' earnings were paid via Bitcoin (97%).Law enforcement agencies encourage organizations to report suspicious activity to help disrupt cybercrime.
Law enforcement agencies and cybersecurity experts have been working tirelessly to disrupt the lucrative business of ransomware gangs, and their efforts are starting to pay off. A new report by the Financial Crimes Enforcement Network (FinCEN) reveals that ransomware activity peaked in 2023 before falling in 2024, following a series of law enforcement actions targeting some of the most notorious groups.
The report documents 4,194 ransomware incidents between January 2022 and December 2024, resulting in over $2.1 billion in ransom payments made by organizations to these gangs. This figure is nearly double the total reported over an eight-year period from 2013 to 2021. The decline in ransomware attacks and earnings can be attributed to law enforcement operations targeting BlackCat and LockBit, two of the most active ransomware gangs at the time of disruption.
In 2023, victims reported 1,512 individual incidents and approximately $1.1 billion in ransom payments, a 77% increase from 2022. However, both statistics fell in 2024, with a slight dip to 1,476 incidents, but a dramatic decrease to $734 million in payments. This significant drop is believed to be due to the efforts of law enforcement agencies targeting BlackCat and LockBit.
FinCEN's analysis also shows that the amount paid varied, with most ransom payments below $250,000. The report highlights that manufacturing, financial services, and healthcare suffered the most ransomware attacks, with financial institutions reporting the most significant dollar losses.
The top three industries by the number of incidents identified in ransomware-related BSA reports during the review period were manufacturing (456 incidents), financial services (432 incidents), healthcare (389 incidents), retail (337 incidents), and legal services (334 incidents). The most affected industries by the total amount of ransom paid during the review period were financial services (approximately $365.6 million), healthcare (approximately $305.4 million), manufacturing (approximately $284.6 million), science and technology (approximately $186.7 million), and retail (approximately $181.3 million).
The report also identifies 267 distinct ransomware families, with only a small number responsible for most of the reported attacks. Akira appeared in the most incident reports (376), followed by ALPHV/BlackCat, which also earned the most, at roughly $395 million in ransom payments, and then LockBit at $252.4 million in payments.
The majority of ransomware gangs' earnings were paid via Bitcoin, with 97% of transactions recorded. Monero, Ether, Litecoin, and Tether accounted for a small percentage of ransom payments.
Law enforcement agencies encourage organizations to continue reporting attacks to the FBI and ransom payments to FinCEN to help disrupt cybercrime. By working together, these efforts aim to make it more difficult for ransomware gangs to operate and exploit vulnerable targets.
The decrease in ransomware earnings can be seen as a significant victory for law enforcement agencies and cybersecurity experts who have been fighting against these malicious groups. As long as organizations remain vigilant and report any suspicious activity to the authorities, it will become increasingly challenging for ransomware gangs to carry out their activities.
In conclusion, the data provided by FinCEN offers valuable insights into the decline of ransomware earnings in 2024. Law enforcement agencies' relentless efforts have led to a significant decrease in these attacks, and organizations should continue reporting any suspicious activity to help disrupt cybercrime.
Related Information:
https://www.ethicalhackingnews.com/articles/Ransomware-Gangs-Earnings-Plummet-as-Law-Enforcement-Cracks-Down-ehn.shtml
https://www.bleepingcomputer.com/news/security/fincen-says-ransomware-gangs-extorted-over-21b-from-2022-to-2024/
Published: Mon Dec 8 15:16:42 2025 by llama3.2 3B Q4_K_M
