This started as a conversation on Twitter, but I thought it merited a deeper dive. Coveware released its quarterly report showing a deep dive in the average ransom payment for Q2, 2021. Looking at their average ransom payments since the 4th quarter of 2019, this is the steepest drop in ransom payments they have ever reported.

Adam Sculthorpe noted that there appears to be a correlation between the drop in ransom payments (not necessarily ransom demanded) and the drop in Bitcoin this year. While, I don’t think he is wrong, I also don’t think the drop in Bitcoin price fully explains the drop off in average ransomware payments.

In the chart above I mapped the price of Bitcoin on the last day of each quarter along with the average ransom demand from Coveware for each of those quarters. Obviously, it is not an apples to apples comparison as I am looking at a snapshot price of Bitcoin vice an average ransom payment, but at first glance, there does not seem to be much of a longterm correlation between the two.

Looking at full year data for 2020, the price of Bitcoin went from roughly $7200 at the end of December 2019 to over $32000 in December of 2020, a 340% increase. On the other hand, the average ransomware payment, according to Coveware, went from $84,000 in December of 2019 to $154,000 in December of 2020, only an 83% increase.

Palo Alto’s Unit 42 doesn’t usually release quarterly numbers but they do release yearly numbers and their numbers tell a similar story. Their average ransom payment went from $115,000 in December of 2019 to $312,000 in December of 2020 (note: both numbers are averaged out over the whole year) that is a 171% increase. While that is notably larger than the reported Coveware increase, it is still half the increase in Bitcoin price.

So, while the price of Bitcoin may have some impact on average ransom demand, it is likely that there are a lot of other factors that have a bigger impact.