The Average Ransom Demand of $5.3M in 2021 is Up 518% From Last Year

Stu Sjouwerman | Aug 18, 2021

Average Ransom DemandCybercriminals appear to be more aggressive with their idealistic ransom demands as some gangs continue to evolve, using new “quadruple extortion” tactics to ensure payment.

In security vendor Palo Alto Network’s recent Unit 42 Ransomware Threat Report, 1H 2021 Update, we get a taste of some data points that spell future trouble for organizations hit with ransomware. According to the Update:

  • Last year’s average demand was $847,000. Today it’s $5.3 Million
  • The highest demand seen by Unit 42 consultants was $50 Million
  • Not only is the ransom demand up, but the average ransomware payments have climbed 82% since 2020 to a record $570,000 in the first half of 2021
  • The largest disclosed ransom payment was $11 Million by meat producer JBS

To make matters worse, in addition to the use of threatening to contact customers, business partners, employees and media as the third form of extortion, Unit 42 is now seeing a fourth mode – adding a Denial of Service (DoS) attack against the victim’s websites – now counting as a quadruple extortion.

The ransomware gangs are getting laser focused on how to turn up the pressure on victim organizations. And it’s evident that if you choose to take your chances, it’s likely going to cost you a lot to pay your way out.

The less expensive and more effective alternative is to minimize the human attack surface found in phishing attacks through the use of Security Awareness Training to educate users on how to avoid becoming a victim of phishing, spear phishing, and social engineering attacks. By teaching them to spot suspicious and/or malicious content, they can eliminate any interaction that would enable a threat actor from continuing their attack.

Topics: Ransomware

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.