Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Current Ransomware Stats from Coveware: A Ray of Hope

July 29, 2021

Coveware’s Q2 report on ransomware, published on July 23, offers encouragement in the battle against ransomware. Most notably, ransom payments have declined.

Overall, CEOs have woken up to the dangers of ransomware and taken measures to protect their organizations. Ransomware has the full attention of governments around the globe. Law enforcement has begun to really focus on ransomware. Cyberinsurance underwriting standards are hardening.

Several states have drafted proposed legislation that ranges from a complete prohibition on ransom payments to mandatory reporting. Federal mandatory reporting of any ransom payment may be coming soon.

And here are striking stats:

The average ransom payment in Q2 was $136,576, down 38% from Q1 2021.

The median ransom payment in Q2 was $47,008, down 40% from Q1 2021.

81% of ransomware attacks involved the threat to leak exfiltrated data, up 5% From Q1 2021.

In 2020, almost 65% of victims that were faced only with a data leak threat chose to pay, despite the fact that paying to stop a leak provides almost no value. In Q2, only 50% of data leak victims opted to pay. Mandatory federal reporting of a ransom payment will have a positive material impact on this as well because companies will not like publicly disclosing these payments.

Over 75% of attacks occur on companies with less than 1,000 employees. These firms are much less likely to have the budget to fund the minimum protections necessary to keep them safe from ransomware attacks. More than large enterprises, small businesses often outsource IT entirely to third party providers and inadvertently create a vulnerable entry point if the methods the vendor is using to manage the company are not sufficient and regularly audited.

Average days of downtime is now 23 days, down 14% from Q1.

This was predominantly driven by a higher proportion of attacks that only involved data theft and therefore caused no significant business interruption.

I too remain hopeful that the sharpened focus on ransomware will have the intended impact of lessening the number and severity of ransomware attacks. Let’s hope we see the same trends in Q3!

Hat tip to Dave Ries.

Sharon D. Nelson, Esq., PresidentSensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email:  Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology