Ransom payments surge to staggering $2M on average, a 500% jump from last year


Firms all over the world have been hit hard by ransomware gangs. Not only has the average ransom payment reached $2 million, but it takes another $2.7 million for a victim to fully recover.

Ransoms are only one part of the cost, warned cybersecurity company Sophos in its annual State of Ransomware 2024 report. The average recovery cost has jumped by nearly $1 million. Now, it takes over $2.7 million to get a business back up and running after an attack. And that’s on top of the ransom that the victim already paid to cybercriminals.

While the survey showed a slight reduction in the rate of ransomware attacks, they remain the most dominant threat, fueling the cybercrime economy.

“Without ransomware, we would not see the same variety and volume of precursor threats and services that feed into these attacks. The skyrocketing costs of ransomware attacks belie the fact that this is an equal-opportunity crime. The ransomware landscape offers something for every cybercriminal, regardless of skill,” said John Shier, field CTO of Sophos.

And while some crooks go after major corporations hoping for multimillion-dollar payments, plenty of gangs target small and medium businesses, trying to make it up in volume.

Most often, cybercriminals exploit vulnerabilities and use compromised credentials and malicious emails to initiate ransomware attacks.

Around a quarter of victims paid the ransom amount that was originally requested by attackers. While insurance providers are increasingly frowning upon ransomware payments, the Sophos survey showed that 23% of ransom funding came from them.

Another notable finding is crooks going after backups. In nearly all of the cases, ransomware gangs attempted to compromise the victims’ backups so they’d have no way to keep the business in operation without meeting their demands. Unfortunately, in 57% of the cases, crooks were successful in compromising backups.

“The two most common root causes of ransomware attacks – exploited vulnerabilities and compromised credentials – are preventable, yet still plague too many organizations,” Shier added.

