Ransomware cost doubles as attacks decline

Security outfit Sophos has added up some numbers and worked out that the average total cost of recovery from a ransomware attack has more than doubled in a year.

In its State of Ransomware 2021 report, Sophos found that the cost increased from $761,106 in 2020 to $1.85 million in 2021.

The average ransom paid is $170,404. The global findings also show that only eight percent of organisations managed to get back all of their data after paying a ransom, with 29 percent getting back no more than half of their data.

The survey polled 5,400 IT decision-makers in mid-sized organisations in 30 countries across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa.

While the number of organisations that experienced a ransomware attack fell from 51 percent of respondents surveyed in 2020 to 37 percent in 2021, and fewer organisations suffered data encryption as the result of a significant attack (54 percent in 2021 compared to 73 percent in 2020), the survey results reveal worrying upward trends, particularly in terms of the impact of a ransomware attack.

Sophos principal research scientist Chester Wisniewski said that the decline in the number of organisations being hit by ransomware is good news, but it is tempered by the fact that this is likely to reflect, at least in part, changes in attacker behaviour.

“We’ve seen attackers move from larger scale, generic, automated attacks to more targeted attacks that include human hands-on-keyboard hacking. While the overall number of attacks is lower as a result, our experience shows that the potential for damage from these more advanced and complex targeted attacks is much higher. Such attacks are also harder to recover from, and we see this reflected in the survey in the doubling of overall remediation costs.”

The main findings of the State of Ransomware 2021 global survey include:

• The average cost of remediating a ransomware attack more than doubled in the last 12 months. Remediation costs, including business downtime, lost orders, operational costs, and more, grew from an average of $761,106 in 2020 to $1.85 million in 2021. This means that the average cost of recovering from a ransomware attack is now 10 times the size of the ransom payment, on average.

• The average ransom paid was $170,404. While $3.2 million was the highest paid out of those surveyed, the most common payment was $10,000. Ten organisations paid ransoms of $1 million or more.

• The number of organisations that paid the ransom increased from 26 percent in 2020 to 32 percent in 2021, although fewer than 10 percent managed to get back all of their data.

“The findings confirm the brutal truth that when it comes to ransomware, it doesn’t pay to pay. Despite more organisations opting to pay a ransom, only a tiny minority of those who paid got back all their data”, said Wisniewski.

More than half of respondents believe cyberattacks are now too advanced for their IT team to handle on their own.

Extortion without encryption is on the rise. A small but important seven percent said that their data was not encrypted, but they were held to ransom anyway, possibly because the attackers had managed to steal their information. In 2020, this figure was three percent.