Report: 44% decrease in average amount paid after ransomware attacks





After all of the dire headlines throughout 2021, the end of the year presented signs of improvement. According to a new report by Corvus Insurance, in Q4, the rate of ransomware claims reached just half of the peak seen in Q1 2021, decreasing from 0.6% to 0.3%. While the Q3 2021 average ransom paid was atypically high, the average of ransoms paid by quarter across all of 2021 was ~$167k, 44.2% less than the Q3 figure.

Overall, fewer ransoms are being paid compared to those demanded. This decrease in cost and severity can be partially attributed to underwriting entities requiring stronger backups for insurance coverage, which is helping to drive the broader trend toward more sophisticated and resilient approaches to mitigating ransomware risk.

On the concerns and perspectives that are unique to the small- and medium-sized business (SMB) segment, the survey data shows that SMBs are still building their cyber investments. It showed that SMBs are primarily concerned with external threats, with attack vectors including ransomware and phishing, and that only 8% of the smallest businesses (<50 employees) have a dedicated cybersecurity budget.

Average Ransom Paid by Quarter. In 2020, the average ransom paid was over 200,000, whereas the number fell to about 175,000 by 2021.

For comparison, among the largest businesses within the surveyed group (250+ employees), 18% reported having a dedicated cybersecurity budget. However, spending on cybersecurity overall is going up, with 60% stating that their security spending is expected to increase with support from their CEO and senior management.

Overall, respondents highlighted a lack of resources and the overall complexity of security as key driving factors currently preventing improvements in their defenses. Smaller companies are more concerned with staying current on new threats, while larger organizations are more concerned with vendor breaches, bringing to light the fact that many companies may fail to emphasize and act on the need for an internal security culture.

Read the full report by Corvus Insurance.

