Sophos report reveals a 500% surge in ransomware payments over the past year


Sophos Report: Average Ransom Payments Increased 500% in the Last Year

The average ransom payment has increased by 500% in the last year, according to Sophos’ annual “State of Ransomware 2024” survey report. Organisations that paid the ransom reported an average payment of $2 million, up from $400,000 in 2023. The survey also found that the average cost of recovery reached $2.73 million, an increase of almost $1 million since 2023.

Despite the increase in ransom payments, there has been a slight reduction in the rate of ransomware attacks, with 59% of organisations being hit compared to 66% in 2023. Even small organisations with less than $10 million in revenue are regularly targeted, with 47% being hit by ransomware in the last year.

The report also revealed that 63% of ransom demands were for $1 million or more, with 30% of demands exceeding $5 million. This suggests that ransomware operators are seeking huge payoffs, with nearly half of organisations with revenue of less than $50 million receiving seven-figure ransom demands.

Exploited vulnerabilities were identified as the most common root cause of ransomware attacks, impacting 32% of organisations. This was followed by compromised credentials (29%) and malicious email (23%). Organisations whose attack started with an exploited vulnerability reported the most severe impact, with higher rates of backup compromise and data encryption and a greater propensity to pay the ransom.

Sophos recommends best practices to defend against ransomware, including understanding risk profiles, implementing endpoint protection, bolstering defences with threat detection, and maintaining an incident response plan. The data for the report comes from a survey of 5,000 cybersecurity/IT leaders conducted between January and February 2024.
