Last year, high-profile incidents like the WannaCry ransomware outbreak[1] made the file-encrypting malware internet enemy number one.
WannaCry was not alone of course: the NotPetya attack[2] followed just weeks later, and this was followed by a third -- albeit much smaller -- ransomware outbreak dubbed Bad Rabbit which hit Russia and Eastern Europe in September[3].
And all the while other, less high-profile ransomware attacks have occurred on a regular basis, causing trouble for organisations around the world, like the Locky ransomware which disrupted the networks of a hospital[4]. Other ransomware, like Cerber ransomware, was available 'as-as-service' to almost anyone[5] who wanted to make money this way.
But as 2017 went on the impact of ransomware dwindled. Detections of Locky, Cerber and other long-standing ransomware families massively declined[6].
Indeed, Kaspersky Lab's latest Kaspersky Security Network[7] report claims that ransomware as a whole is "rapidly vanishing" with a 30 percent decline in ransomware attacks between April 2017 and March 2018 compared with the same period the previous year.
And a recent threat report by McAfee Labs[8] also suggests a drop in the detection of ransomware attacks -- putting the decline at 32 percent. There appears to be a clear trend here -- that the number of ransomware attacks and the number of ransomware families is dropping off.
"A year ago we probably had four large groups dealing in ransomware, distributing themselves or running an affiliate model, but we've seen those large groups go away. There are a couple remaining, but it's not quite as dramatic during 2017," Keith Jarvis, senior security researcher at Secureworks told ZDNet.
A key