Average ransom payments have surged by 500% to reach $2m per payment, as reported by Sophos’ The State of Ransomware 2024. Despite a decrease in the rate of organizations being hit by ransomware, ransom demands of $1m or more were made for nearly two-thirds of cases. The research shows that ransomware operators are now seeking larger payoffs, with significant percentages of demands exceeding $5m
The study revealed that 46% of those receiving seven-figure ransom demands had a revenue of less than $50m, and only 24% paid the original demand amount. Additionally, 40% of ransom payment funding came from victim organizations themselves, while insurance providers contributed in 23% of cases. Large organizations, especially those with revenues over $5bn, were more likely to pay attackers after being hit. The average recovery cost from a ransomware attack excluding the ransom payment rose to $2.73m, and the recovery time increased in 2023, with only 35% of victims fully recovered within a week. Exploited vulnerabilities were the primary cause of ransomware attacks, and organizations facing attacks from unpatched vulnerabilities experienced more severe outcomes, including higher recovery costs and a higher likelihood of paying the ransom. Large organizations tended to experience ransomware attacks originating from unpatched vulnerabilities more frequently. The study also highlighted that cybercriminals targeted backups in 94% of ransomware victims, leading to successful compromises in 57% of cases. Data theft is on the rise, providing attackers with additional leverage, and organizations resorted to restoring backups or paying the ransom to retrieve encrypted data. Despite these challenges, most organizations managed to recover their data after encryption. The report indicates a worrying trend in ransomware incidents, emphasizing the critical need for proactive cybersecurity measures and robust incident response strategies to combat this growing threat. https://www.infosecurity-magazine.com/news/ransom-payments-surge-500/