The average ransom paid in ransomware attacks in 2021 increased nearly fivefold compared to 2020, according to the State of Ransomware 2022, the annual survey by cyber security firm Sophos.
The survey found that 46% of the organisations whose data was encrypted in a ransomware attack paid a ransom, and that the average payment rose nearly fivefold to $812,360.
It also revealed that 66% of participating organisations were hit with ransomware in 2021, up from 37% in 2020, and that the proportion of organisations paying ransoms of $1m or more tripled.
The report surveyed the impact of ransomware on 5,600 mid-sized organisations in 31 countries across Europe, the Americas, Asia Pacific and Central Asia, the Middle East and Africa. Only 965 of those organisations shared details of their ransomware payments, so the payment figures are based on that smaller group.
Sophos principal research scientist Chester Wisniewski said, “Alongside the escalating payments, the survey shows that the proportion of victims paying up also continues to increase, even when they may have other options available. There could be several reasons for this, including incomplete backups or the desire to prevent stolen data from appearing on a public leak site.
“In the aftermath of a ransomware attack there is often intense pressure to get back up and running as soon as possible. Restoring encrypted data using backups can be a difficult and time-consuming process, so it can be tempting to think that paying a ransom for a decryption key is a faster option.”
Mr Wisniewski said, “It is, however, an option fraught with risk. Organisations don’t know what the attackers might have done, such as adding backdoors, copying passwords and more. If organisations don’t thoroughly clean up the recovered data, they’ll end up with all that potentially toxic material in their network and potentially exposed to a repeat attack.”