Ransomware attacks spike by 140%, 57% of organizations agree to pay

Data extracted and analyzed by Atlas VPN reveals, the amounts of demanded ransom payments increased by 140%, comparing the numbers of 2018 to 2019. More and more organizations succumb to blackmail: 57% of organizations settled and paid the ransom during the last 12 months.

Ransomware is a type of malicious attack where a criminal encrypts, typically, sensitive files, then threatens to publish them, unless a demanded ransom is paid.

The team of Atlas VPN researchers added the average sums hackers were demanding during each quarter in 2018 and 2019 globally, then divided the number into four.

The average ransomware sum in U.S. dollars

In 2018, the requested ransom payments reached 7.6 thousand dollars on average, globally. During the first quarter, the monetary amount of requested ransom payments hit 5.4 thousand dollars on average, Crypsis report suggests.

The number increased to 8.3 thousand dollars amid the second quarter and peaked in the third quarter, reaching 10 thousand dollars on average. During the fourth quarter, criminals were requesting companies to pay 7 thousand dollars on average.

It is safe to say cybercriminals got more greedy in 2019: by encrypting companies’ files, they were requesting 18 thousand dollars on average. The number is 140% bigger in comparison to 2018.

The average number spiked dramatically amid the first quarter, hitting 14 thousand dollars and continued to increase. In the second quarter, it spiked to nearly 16 thousand dollars on average.

The sum peaked in the third quarter of 2019, hitting 22.8 thousand dollars and being the largest demanded amount during the two-year period. It then dropped to 21.7 thousand dollars amid the last quarter of 2019.

Majority of companies settle and pay the ransom

More and more companies disclose a ransomware attack has victimized them. In 2018, 55% of companies admitted they received a request to pay ransom during the last twelve months globally. The number increased to 56% in 2018 and jumped to 62% in 2020, CyberEdge report suggests.

The percentage of companies that agreed to pay the ransom has been on the rise, too. 38% of victimized companies paid the demanded sum in 2018, and 45% in 2019. In this year’s survey, even 57% of organizations paid a ransom to have their data recovered during the last 12 months.

Unfortunately, paying the ransom does not necessarily get you the stolen information back. In 2018, 49% of organizations that paid ransom were able to recover their data. In 2019, the number increased to 61% and jumped to 66% in 2020.

Leading ransomware causes

However, the fact that companies were able to recover the stolen information does not suggest paying the ransom. Instead, companies should be focusing on preventative methods to ensure these attacks do not happen at all. Not only is your information at risk of being lost, but these incidents also disrupt the business processes.

To avoid ransomware attacks, it is vital to study the leading reasons behind these incidents. Surveys Atlas VPN analyzed reveal that leading causes can be divided into two categories: outside and inside threats.

CyberEdge conducted a survey asking business experts to rate how likely certain events are to lead to a cyber incident. Concern for suffering from a ransomware attack due to poorly trained staff was the highest, reaching a 72% rate.

Also, respondents rated low security-awareness (72%) as the second most common reason behind cyber incidents. Concern for not being able to ensure smooth threat detection and response processes reached a 70% rate.

While the survey conducted by CyberEdge focuses on the inside issues businesses should sort out, Datto research analyzes the outside threats. 67% of 1.4 thousand respondents consider falling for phishing scams to be the most common cause of ransomware infections.

The second reason is the lack of proper cybersecurity training with a 36% concern rate. Finally, 25% of respondents agreed that people being naive and gullible is associated with ransomware incidents.


Alex T.

Alex T.


Tags: ransomware