Security News > 2022 > April > Ransom payment is roughly 15% of the total cost of ransomware attacks
Researchers analyzing the collateral consequences of a ransomware attack include costs that are roughly seven times higher than the ransom demanded by the threat actors.
Ransomware attacks typically involve stealing data from the company and encrypting systems to pressure the victim into paying to decrypt files and to avoid a data leak.
Researchers at Check Point compiled ransomware statistics by analyzing data from public sources and several thousand cyber attacks in the Kovrr database, a cyber-risk and cyber-insurance expert.
According to Check Point's analysis, the ransom demand is typically between 0.7% and 5% of the victim's annual revenue, with the average percentage being 2.82%. Many ransomware gangs offer discounts for fast payments, ranging between 20% and 25% if the ransom is paid within a few days.
"Most other losses, including response and restoration costs, legal fees, monitoring costs, etc., are applied whether the extortion demand was paid or not. The year 2020 showed that the average total cost of a ransomware attack was more than seven times higher than the average ransom paid." - Check Point.
What they do is link the ransom payment to the collateral damage costs when negotiating with the victim, presenting the payment option as a more financially beneficial option.
News URL
Related news
- Panera Bread likely paid a ransom in March ransomware attack (source)
- REvil hacker behind Kaseya ransomware attack gets 13 years in prison (source)
- City of Wichita shuts down IT network after ransomware attack (source)
- Ransomware attacks impact 20% of sensitive data in healthcare orgs (source)
- Ohio Lottery ransomware attack impacts over 538,000 individuals (source)
- Ascension redirects ambulances after suspected ransomware attack (source)
- Ransomware negotiator weighs in on the extortion payment debate with El Reg (source)
- Singing River Health System: Data of 895,000 stolen in ransomware attack (source)
- Windows Quick Assist abused in Black Basta ransomware attacks (source)
- Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks (source)