Ransomware payments increase 500% in last year: Sophos
Rate of ransomware attacks falls slightly, but recovery costs hit $2.73 million
Sophos, a global leader of innovative security solutions that defeat cyberattacks, recently released its annual "State of Ransomware 2024" survey report, which found that the average ransom payment has increased 500% in the last year.
Organizations that paid the ransom reported an average payment of $2 million, up from $400,000 in 2023. However, ransoms are just one part of the cost. Excluding ransoms, the survey found the average cost of recovery reached $2.73 million, an increase of almost $1 million since the $1.82 million that Sophos reported in 2023, reads a press release.
Despite the soaring ransoms, this year's survey indicates a slight reduction in the rate of ransomware attacks with 59% of organizations being hit, compared with 66% in 2023. While the propensity to be hit by ransomware increases with revenue, even the smallest organizations (less than $10 million in revenue) are still regularly targeted, with just under half (47%) hit by ransomware in the last year.
Keep updated, follow The Business Standard's Google news channel
The 2024 report also found that 63% of ransom demands were for $1 million or more, with 30% of demands for over $5 million, suggesting ransomware operators are seeking huge payoffs. Unfortunately, these increased ransom amounts are not just for the highest-revenue organizations surveyed. Nearly half (46%) of organizations with revenue of less $50 million received a seven-figure ransom demand in the last year.
For the second year running, exploited vulnerabilities were the most commonly identified root cause of an attack, impacting 32% of organizations. This was closely followed by compromised credentials (29%) and malicious e-mail (23%). This is directly in line with recent, in-the-field incident response findings from Sophos' most recent Active Adversary report.
Victims where the attack started with exploited vulnerabilities reported the most severe impact to their organization, with a higher rate of backup compromise (75%), data encryption (67%) and the propensity to pay the ransom (71%) than when attacks started with compromised credentials. The surveyed organizations also had considerably greater financial and operational impact, with the average recovery cost sitting at $3.58 million compared with $2.58 million when an attack started with compromised credentials and a greater proportion of attacked organizations taking more than a month to recover.
Read the State of Ransomware 2024 report for global findings and data by sector on Sophos.com.
