Ransomware attacks are one of the biggest cyber threats that organizations face, and their incidences are only growing. During a successful ransomware attack, fraudsters decrypt critical organizational data through the deployment of malicious software, rendering vital information inaccessible. Without question, businesses must be on the defensive, incorporating robust cybersecurity solutions to protect their organization and their bottom line.
A recent survey by Sophos, a British cybersecurity firm, found that ransom payments have risen significantly over the previous year. The average ransom payment is expected to nearly double from $812,380 in 2022 to $1,542,333 in 2023. The study also indicated that the median ransom payment was $400,000.
More Lucrative Organizations Are Paying Higher Ransoms
According to Sophos, there’s been a significant increase in the ransom amount being asked, with 40% of organizations reportedly paying as much as $1 million or more, as opposed to just 11% of organizations from a year prior.
It’s hardly surprising that the highest ransom payment amounts were attributed to larger revenue organizations. This demonstrates that bad actors are ready to appropriate the ransom payment amounts accepted, based on the organization’s ability to pay.
According to The Guardian, if an organization drew in more than $5 billion, the likelihood of being attacked was significantly higher.
All Organizations—Big or Small—Are Impacted By Ransomware Attacks
Smaller organizations have less resources and smaller budgets to counteract ransomware attacks. This is especially true for educational organizations. Conversely, IT, tech, and telecom companies are the most cyber-ready, and therefore have a lower likelihood of being targeted.
Further evidence shows that, for most organizations who had their data frozen, they were able to recover it via backup systems they had in place. Those organizations that were the highest earners were most likely to buy their way to access their information, with 46% paying the ransom.
“Organizations with lower annual revenue have less money to fund ransom payments, forcing them to focus on backups for data recovery,” the report said. “At the same time, larger revenue organizations typically have complex IT infrastructures, which may make it harder for them to use backups to recover data in a timely fashion. They are also the businesses most able to buy their way out of such situations.”
