Cost of ransomware more than doubles in a year
The average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021.
The latest Sophos State of Ransomware report also reveals that the average ransom paid is now $170,404, but that only eight percent of organizations managed to get back all of their data after paying a ransom, with 29 percent getting back no more than half of it.
While the number of organizations that experienced a ransomware attack fell from 51 percent of respondents surveyed in 2020 to 37 percent in 2021, and fewer organizations suffered data encryption as the result of a significant attack (54 percent in 2021 compared to 73 percent in 2020), the new survey results reveal some worrying upward trends, particularly in terms of the impact of a ransomware attack.
The cost of dealing with an attack including business downtime, lost orders, operational costs, and more, has grown from an average of $761,106 in 2020 to $1.85 million in 2021. This means that the average cost of recovering from a ransomware attack is now on average 10 times the size of the ransom payment.
A small, but important seven percent say that their data was not encrypted, but they were held to ransom anyway, possibly because the attackers had managed to steal their information. In 2020, this figure was just three percent.
"The apparent decline in the number of organizations being hit by ransomware is good news, but it is tempered by the fact that this is likely to reflect, at least in part, changes in attacker behaviors," says Chester Wisniewski, principal research scientist at Sophos. "We've seen attackers move from larger scale, generic, automated attacks to more targeted attacks that include human hands-on-keyboard hacking. While the overall number of attacks is lower as a result, our experience shows that the potential for damage from these more advanced and complex targeted attacks is much higher. Such attacks are also harder to recover from, and we see this reflected in the survey in the doubling of overall remediation costs."
The full report is available from the Sophos site.