Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Current Ransomware Stats from Coveware: A Ray of Hope

July 29, 2021

Coveware’s Q2 report on ransomware, published on July 23, offers encouragement in the battle against ransomware. Most notably, ransom payments have declined.

Overall, CEOs have woken up to the dangers of ransomware and taken measures to protect their organizations. Ransomware has the full attention of governments around the globe. Law enforcement has begun to really focus on ransomware. Cyberinsurance underwriting standards are hardening.

Several states have drafted proposed legislation that ranges from a complete prohibition on ransom payments to mandatory reporting. Federal mandatory reporting of any ransom payment may be coming soon.

And here are striking stats:

The average ransom payment in Q2 was $136,576, down 38% from Q1 2021.

The median ransom payment in Q2 was $47,008, down 40% from Q1 2021.

81% of ransomware attacks involved the threat to leak exfiltrated data, up 5% From Q1 2021.

In 2020, almost 65% of victims that were faced only with a data leak threat chose to pay, despite the fact that paying to stop a leak provides almost no value. In Q2, only 50% of data leak victims opted to pay. Mandatory federal reporting of a ransom payment will have a positive material impact on this as well because companies will not like publicly disclosing these payments.

Over 75% of attacks occur on companies with less than 1,000 employees. These firms are much less likely to have the budget to fund the minimum protections necessary to keep them safe from ransomware attacks. More than large enterprises, small businesses often outsource IT entirely to third party providers and inadvertently create a vulnerable entry point if the methods the vendor is using to manage the company are not sufficient and regularly audited.

Average days of downtime is now 23 days, down 14% from Q1.

This was predominantly driven by a higher proportion of attacks that only involved data theft and therefore caused no significant business interruption.

I too remain hopeful that the sharpened focus on ransomware will have the intended impact of lessening the number and severity of ransomware attacks. Let’s hope we see the same trends in Q3!

Hat tip to Dave Ries.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

Current Ransomware Stats from Coveware: A Ray of Hope

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer