My TechDecisions

Sophos: Average 2021 Ransomware Payment Skyrockets to More Than $800,000

Despite better tools and cyber insurance, the average ransomware payment and percentage of victims that pay the ransom continue to rise.

April 27, 2022 Zachary Comeau

An alarming new report from U.K.-based cybersecurity company Sophos finds that both the number of organizations hit with ransomware and the ransoms paid are drastically increasing, with the average ransomware payment now not far off from reaching seven figures.

The company’s State of Ransomware 2022 report, the results of a survey of 5,600 IT professionals at organizations from 31 countries around the world, shows that 66% were hit with ransomware last year, a marked increase from just 37% that reported being impacted by ransomware in 2020.

Even more alarming, the average ransomware payment has skyrocketed to $812,360, a fivefold increase from 2020. Based on 965 organizations that shared details of ransomware payments, the report also discovered a threefold increase in the percentage of organizations paying ransoms of $1 million or more (from 4% to 11%), signaling that the ransomware industry is as lucrative and robust as ever.

Organizations are too willing to pay the ransom

Sophos also found that nearly half of all organizations that had data encrypted by a ransomware threat actor paid the ransom to get their data back. The data also suggests that organizations are opting to pay the ransom even if they have data recovery tools at their disposal, as 26% of organizations paid the ransom despite being able to restore from backups.

According to Chester Wisniewski, principal research scientist at Sophos, there could be several reasons for paying the ransom while maintaining backups, including incomplete backups, preventing stolen data from appearing on leak sites or pressure to get back up and running quickly.

“Restoring encrypted data using backups can be a difficult and time-consuming process, so it can be tempting to think that paying a ransom for a decryption key is a faster option. It’s also an option fraught with risk,” Wisniewski said in a statement. “Organizations don’t know what the attackers might have done, such as adding backdoors, copying passwords and more. If organizations don’t thoroughly clean up the recovered data, they’ll end up with all that potentially toxic material in their network and potentially exposed to a repeat attack.”

Ransomware attackers are also becoming more successful at encrypting data, with 65% of attacks successfully doing so in 2021, compared with an encryption rate of 54% in 2020.

However, it isn’t just the average ransomware payment that has IT professionals up at night, Sophos’ report found, as 57% say they’ve seen an increase in the volume of overall cyberattacks, 59% saw the complexity of attacks increase, and 79% saw an increase in at least one of those areas. Despite those challenges, organizations are getting better at restoring data after an attack, with nearly all (99%) of organizations able to restore data after a ransomware attack, which is up slightly from 96% in 2020.

Sophos’ State of Ransomware 2022 Report reaffirms the importance of maintaining backups, as the technology was the top method used to restore data, used by 73% of organizations that had their data encrypted.

While more organizations are paying the ransom, the percentage of data restored after paying has dropped from 2020 to 2021, from 65% to 61%. Further, just 4% got all their data back, another decrease from 8% in 2020.

Cybersecurity insurance could be driving higher payments

Organizations are increasingly relying on cybersecurity insurance to help them recover from an attack, with 83% of organizations holding cyber policies that cover them in the event of a ransomware attack. In 98% of those incidents, the insurer paid some or all of the costs, and 40% covered the ransom payment, according to the report.

According to Wisniewski, this may be the “peak in the evolutionary journey of ransomware where attackers’ greed for ever higher ransom payments is colliding head on with a hardening of the cyber insurance market as insurers increasingly seek to reduce their ransomware risk and exposure.”

Ransomware is becoming easier for criminals to deploy, and insurance providers covering the ransomware demands may be driving the average ransomware payment even higher, the cybersecurity expert said. However, cybersecurity insurance is becoming tougher, which could make victims less willing to pay ransoms and more willing to harden their environments.

“Sadly, this is unlikely to reduce the overall risk of a ransomware attack,” Wisniewski said. “Ransomware attacks are not as resource intensive as some other, more hand-crafted cyberattacks, so any return is a return worth grabbing and cybercriminals will continue to go after the low hanging fruit.”

Sophos concludes the report with five tips, including implementing high-quality defenses at all points in the environment, proactively hunting for threats, hardening environments by closing down security gaps, planning for cyber incidents and practicing restoring from backups.
