Security News > 2024 > May > Ransom recovery costs reach $2.73 million

Ransom recovery costs reach $2.73 million
2024-05-03 05:00

Excluding ransoms, the survey found the average cost of recovery reached $2.73 million, an increase of almost $1 million since the $1.82 million that Sophos reported in 2023.

46% of organizations with revenue of less $50 million received a seven-figure ransom demand in the last year.

"We must not let the slight dip in attack rates give us a sense of complacency. Ransomware attacks are still the most dominant threat today and are fueling the cybercrime economy. Without ransomware we would not see the same variety and volume of precursor threats and services that feed into these attacks. The skyrocketing costs of ransomware attacks belie the fact that this is an equal opportunity crime. The ransomware landscape offers something for every cybercriminal, regardless of skill. While some groups are focused on multi-million-dollar ransoms, there are others that settle for lower sums by making it up in volume," said John Shier, field CTO, Sophos.

The surveyed organizations also had considerably greater financial and operational impact, with the average recovery cost sitting at $3.58 million compared with $2.58 million when an attack started with compromised credentials and a greater proportion of attacked organizations taking more than a month to recover.

The average ransom payment came in at 94% of the initial ransom demand.

"Managing risk is at the core of what we do as defenders. The two most common root causes of ransomware attacks, exploited vulnerabilities and compromised credentials, are preventable, yet still plague too many organizations. Businesses need to critically assess their levels of exposure to these root causes and address them immediately. In a defensive environment where resources are scarce, it's time organizations impose costs on the attackers, as well. Only by raising the bar on what's required to breach networks can organizations hope to maximize their defensive spend," said Shier.


News URL

https://www.helpnetsecurity.com/2024/05/03/ransom-recovery-costs/