February 21, 2024


Ransomware attacks are one of the biggest cyber threats facing organizations, and their incidence is only increasing. In a successful ransomware attack, fraudsters deploy malware to decrypt critical organizational data, rendering vital information inaccessible. There is no doubt that businesses must take defensive measures and employ robust cybersecurity solutions to protect their organizations and their bottom line.

A recent survey British cybersecurity firm Sophos has seen a significant increase in ransom payments compared to the previous year. The average ransom payment is expected to nearly double from $812,380 in 2022 to $1,542,333 in 2023. The study also showed that the median ransom payment was $400,000.

More profitable organizations are paying higher ransoms

According to Sophos, the amount of ransom demanded has increased significantly, with 40% of organizations reporting paying $1 million or more, up from 11% a year ago.

It’s no surprise that the highest ransom payment amounts are attributed to larger revenue-generating organizations. This shows that bad actors are ready to embezzle accepted ransom payment amounts based on an organization’s ability to pay.

according to protectorif an organization’s revenue exceeds $5 billion, the likelihood of being attacked increases significantly.

All organizations, big or small, are affected by ransomware attacks

Smaller organizations have fewer resources and smaller budgets to defend against ransomware attacks. This is especially true for educational institutions. In contrast, IT, technology and telecommunications companies had their networks the most prepared and therefore less likely to be targeted.

It is further evidence that for most organizations whose data was frozen, they were able to restore it through existing backup systems. Those organizations with the highest income were the most likely to pay to have access to their information, with 46% paying the ransom.

“Organizations with lower annual revenues have less money to pay ransoms, forcing them to focus on backups for data recovery,” the report said. “At the same time, larger revenue organizations often have complex IT infrastructures, which can make it more difficult for them to use backups to restore data in a timely manner. They are also the businesses best positioned to emerge from this situation.”