Paying the Ransom Doubles the Cost of a Ransomware Attack

iStock-845470768The total cost of the average ransomware attack more than doubles if the victim decides to pay the ransom, according to Sophos’s State of Ransomware 2020 report. The Sophos-commissioned survey of 5,000 IT managers around the world found that the average total cost of a successful ransomware attack—taking into account factors such as downtime, technical recovery, extra hours, lost business, as well as the ransom payment—was $732,000 for victims that refused to pay the ransom. Interestingly, that number rises to $1,448,000 for organizations that do pay the ransom.

The researchers attribute this finding to the fact that ransomware attacks are extremely costly even if the victim has backups or the convenience of a decryption key. Ransom demands often run into hundreds of thousands of dollars or more, so the ransom payment adds a large chunk of cash on top of all the other costs.

Overall, the report found that 51% of organizations experienced at least one ransomware incident last year, and 73% of these attacks led to data being encrypted. 26% of the victims paid the ransom, while 56% recovered from backups.

Additionally, the report confirms a well-documented trend in which the number of ransomware incidents has declined as threat actors spend more time launching targeted attacks. These attacks are usually far more damaging to the victim organization than untargeted attacks.

The survey also found that ransomware operators don’t discriminate based on organization size. 47% of the attacks hit organizations with less than 1000 employees, while 54% hit larger organizations.

“What really stands out when we look at this data is that there is no single main attack vector,” the researchers conclude. “Rather, attackers are using a range of techniques and whichever defense has a weakness is how they get in. When one technique fails they move on to the next, until they find a weak spot.”

New-school security awareness training can provide your organization with an essential layer of defense by enabling your employees to identify and avoid falling for phishing attempts.

Sophos has the story:

Ransomware Has Gone Nuclear, How Can You Avoid Becoming The Next Victim?

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cybercriminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

GoneNuclear-WEBINARJoin us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

  • Why data backups (even offline backups) won’t save you
  • Evolved threats from data-theft, credential leaks, and corporate impersonation
  • Why ransomware isn’t your real problem
  • How your end users can become your best, last line of defense

Watch Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews