Ransomware payments are now a critical business decision
Despite the efforts of law enforcement agencies to stop and bring to justice those responsible for ransomware attacks, the situation is not improving.
While authorities do not recommend making a ransomware payment, some companies are forced to make that choice in order to continue their operations. In this article, we present some important statistics about the ransom demands that companies are facing.
83% of organizations experienced at least one ransomware attack in the last year
Onapsis | ERP Security in the Age of AI-Enhanced Ransomware | September 2024
- 34% of organizations that experience ransomware attacks pay the ransom every time, 21% pay the ransom only some of the time, and 45% never pay the ransom.
- 83% of respondents who paid the ransom at least once saying they have worked with a ransomware broker.
MFA bypass becomes a critical security issue as ransomware tactics advance
SpyCloud | 2024 Malware and Ransomware Defense Report | September 2024
- The data shows that year-over-year, significantly more organizations paid a ransom: 62% this year vs. 48% last year. But only about a third of those organizations fully recovered their data.
74% of ransomware victims were attacked multiple times in a year
Semperis | Ransomware Risk Report: Embracing The Assume Breach Mindset | August 2024
- 78% of targeted organizations paid the ransom, 72% paid multiple times, and 33% of those paid ransom four times or more.
- 87% of attacks caused business disruption—even for those that paid ransom, including data loss and the need to take systems offline.
- 35% of victims who paid ransom either did not receive decryption keys or received corrupted keys.
Record-breaking $75 million ransom paid to cybercrime group
Zscaler | Zscaler ThreatLabz 2024 Ransomware Report | August 2024
- The findings from the report uncovered a record-breaking ransom payment of $75 million to the Dark Angels ransomware group, which is nearly double the highest publicly known ransomware payout.
Cyber insurance isn’t the answer for ransom payments
Veeam Software | Veeam 2024 Ransomware Trends Report | June 2024
- For the third year in a row, 81% of organizations surveyed paid the ransom to end an attack and recover data. One in three of these organizations that paid the ransom still could not recover even after paying.
- Despite only a minority of organizations possessing a policy to pay, 81% opted to do so. 65% paid with insurance and another 21% had insurance but chose to pay without making a claim. This implies that in 2023, 86% of organizations had insurance coverage that could have been utilized for a cyber event.
Cybercriminals shift tactics to pressure more victims into paying ransoms
At-Bay | 2024 InsurSec Report| May 2024
- The average ransom demand by attackers exceeded $1.26 million in 2023, though the average amount paid came in at $282,000, 77% lower than the initial demand on average.
- A ransom payment was avoided in 54% of the incidents At-Bay saw.
Ransomware attacks impact 20% of sensitive data in healthcare orgs
Rubrik | The State of Data Security: Measuring Your Data’s Risk | May 2024
- 93% of external organizations that endured a ransomware attack reported paying a ransom demand, with 58% of these payments motivated primarily by threats to leak stolen data.
Ransom recovery costs reach $2.73 million
Sophos | State of Ransomware 2024 | May 2024
- Average ransom payment has increased 500% in the last year.
- Organizations that paid the ransom reported an average payment of $2 million, up from $400,000 in 2023.
Paying ransoms is becoming a cost of doing business for many
Cohesity | Cohesity Research | February 2024
- 94% of respondents said their company would pay a ransom to recover data and restore business processes, while 5% said ‘maybe, depending on the ransom amount.
- 67% said their company would be willing to pay over $3 million to recover data and restore business processes, with 35% of respondents saying their company would be willing to pay over $5 million.