Only 8% of organizations manage to get back all of their data after paying a ransom, according to a Sophos study.
The survey polled 5,400 IT decision makers in mid-sized organizations in 30 countries including India.
The number of organizations that paid the ransom increased from 26% in 2020 to 32% in 2021, although fewer than one in 10 (8%) managed to get back all of their data. And almost a third, 29% could not recover more than half of their encrypted data.
While the number of organizations that experienced a ransomware attack fell from 51% of respondents surveyed in 2020 to 37% in 2021, and fewer organizations suffered data encryption as the result of a significant attack (54% in 2021 compared to 73% in 2020), the new survey results reveal worrying upward trends, particularly in terms of the impact of a ransomware attack.
“It has gone from large-scale generic automated attacks to more targeted breaches, based on employee behavior,” said Chester Wisniewski, principal research scientist, Sophos. “While the overall number of attacks is lower as a result, our experience shows that the potential for damage from these more advanced and complex targeted attacks is much higher. Such attacks are also harder to recover from, and we see this reflected in the survey in the doubling of overall remediation costs.”
The average cost of remediating a ransomware attack more than doubled in the last 12 months. Remediation costs, including business downtime, lost orders, operational costs, and more, grew from an average of $761,106 in 2020 to $1.85 million in 2021. This means that the average cost of recovering from a ransomware attack is now 10 times the size of the ransom payment, on average
The average ransom paid was $170,404. While $3.2 million was the highest payment out of those surveyed, the most common payment was $10,000. Ten organizations paid ransoms of $1 million or more.