Ransomware is malware that encrypts a victim’s data and demands payment before releasing it.

The most sensitive information of a user or company is encrypted, cutting off access to documents, databases, and programs. The only way back in is to pay a ransom.

Many types of ransomware are made to infect other computers in a network and then lock them out.

It is a growing risk that results in billions of dollars paid to cyber criminals and substantial damage and fees for companies and government agencies.

What is the average cost of ransomware attacks in 2024?

The average cost of a ransomware attack is $4.54 million.

Let’s discuss this in detail.

The Ransom

The ransom and the industry’s loss of work and sales can amount to millions of dollars.

Let’s start with the big “R” and look at its average and tendencies.

The cost of ransoms continues to rise: Based on data from the State of Ransomware 2022 Report, in 2021, 11% of business owners paid ransoms of $1 million or even more, up from 4% in 2020.

Also, hackers aren’t letting victims off the hook easily: the percentage of victims who paid less than $10,000 fell from 34 percent to 21 percent.

Two recent studies by Sophos and Palo Alto estimate that the average cost of ransomware is between $570,000 and $812,360.

It’s Illegal to Pay. In 2020, the Office of Foreign Assets Control (OFAC) of the United States Department of the Treasury declared that paying ransom to computer hackers is illegal.

Can we get back to business now that the ransom has been paid? Unfortunately, that’s not the case.

What is the Average Cost Of Ransomware Attacks in 2024?


The report predicts that by 2022, the average cost of a data breach will have risen to an unprecedented $4.35 million (all figures in U.S. dollars).

This increase is not limited to ransomware attacks.

The cost of responding to data breaches has increased by 13 percent in the past two years.

Even more shocking is the fact that the average cost of a ransomware attack is $4.54 million, and that’s before the average cost of a ransom payment, which is $812,360.

Ransomware victims take 326 days to realize they’ve been attacked and take action, longer than sufferers of other types of breaches (277 days).

In addition, the speed with which ransomware attacks are carried out has increased dramatically in recent years.

IBM Security X-Force showed that the time it takes to execute a ransomware attack decreased by 94% between 2019 and 2021, from slightly more than two months to less than four days.

What is the Cost Of Ransomware Attacks Around The World?

Every year, billions of dollars are lost due to ransomware attacks on enterprises.

According to estimates, attackers who stole via ransomware earned $11.5 billion in 2019. By 2021, that sum had surpassed $20 billion.

The Ransom Payment Is Only The First Step

Companies that give in to ransom demands are still on the hook for the problems that resulted from the attack.

Lincoln College, a small, private institution in the middle of nowhere that made the news after suffering a cyberattack in December 2021, is just one of many that can relate.

After shelling out money to have its data decrypted, the university ran into even more serious issues as it attempted to reconstruct its systems.

Recent news articles have speculated that the college may be forced to permanently close its doors in May 2022 unless a substantial investment of at least $50 million is made.

The average cost of a ransomware breach in 2021 was $4.62 million, according to IBM, but this does not account for the cost of the ransom.

Numerous factors contribute to the total price of restoring data encrypted by ransomware.

According to a new study, paying the ransom is just about 15% of the total cost of an attack.

The Ransom Is Only Part Of The Cost

The true costs of ransomware recovery are much more difficult to quantify, but they likely run into the millions.

In 2021, Sophos estimated the total cost of recovering from a ransomware attack at $1.85 million.

This figure accounts for everything from downtime and personnel hours to device and network costs, missed opportunities, ransom paid, and more.

Numerous sources contribute to the overall price tag of getting back on your feet:


The ransomware-caused downtime can be extremely inconvenient, not only for the businesses affected.

For six days, the attack on the Colonial Pipeline left nearly half of the East Coast without access to gasoline.

After the recent attack on a health institution in Vermont, many facilities began refusing patients. 

More than 100,000 pupils were absent from school because of the attack on Baltimore County Public Schools.

Data from Coveware shows that in the second quarter of 2021, businesses saw an average of more than three weeks of downtime (23 days).

The true cost of ransomware should include this wait time.

People Hours

Service at Colonial was reestablished after only six days, yet CEO Joseph Blount testified to Congress over a month after the attack that recovery was still occurring.

Most, if not all, of a small business’s resources will have to be put toward recovery for a while.

Without a doubt, the IT department’s top priority will be to restore service, but the company as a whole will be impacted. 

The crisis communications team will consist of marketing and advertising professionals. The money people will be included in the ransom talks.

The department of human resources will be responsible for answering questions and addressing concerns from workers.

It may be impossible to determine the amount of time spent recovering, but that shouldn’t stop you from considering that when making plans.

Stronger Cybersecurity Protections

After suffering a ransomware attack, a business understandably wants to do everything possible to prevent another.

Furthermore, as attacks rise and insurance companies tighten their requirements, more businesses will be compelled to upgrade their systems to remain covered.

Repeat Attacks

The unfortunate reality of being hit by ransomware is that it makes businesses easy prey for future attacks.

As might be expected, hackers don’t always keep their promises even after receiving a ransom payment.

Indeed, cyber criminals will learn that you are an easy target if you pay their ransom. Repeat attacks were unusual in the past, but they became more prevalent in 2021.

There have been reports of businesses being attacked repeatedly, either because the targeted businesses have proven their readiness to pay in the past or because the security flaw that gave hackers access to the systems is still present and can be exploited.

During the recovery phase, more ransomware operations have been seen exfiltrating data, and copycat operators have been abusing vulnerabilities that have gone unpatched for even a few days.

That meant that some businesses had to shell out cash twice.

Higher Insurance Premiums

Insurers are raising rates as a result of an increase in ransomware-related claims. Customers’ losses are starting to outpace projections, which means higher premiums.

Legal Defense And Settlements

When an attack affects customers or clients, lawyers will reach out to those victims.

The Washington Post reported on May 2 that multiple class action lawsuits were filed against Scripps Health, a hospital system in San Diego, after a ransomware attack in April. 

Even large retailers such as Home Depot and Target have paid multimillion-dollar settlements after data breaches.

It’s cheaper to settle than to endure a protracted legal battle, the article says, even if your data security methods would hold up in court.

Lost Reputation

It was the Colonial attack that brought ransomware to the attention of the general public. This spotlight may deter future ransomware attacks; hackers aren’t in it for attention.

When the president of the United States gets involved, it’s never a good day for malicious actors. 

However, if a company is attacked, it will be under even more scrutiny, which could damage its brand and make it harder to attract new customers.

Companies suffer financial losses when their customers stop having faith in them.

What Future Costs Can Organizations Expect from Ransomware?

Future prospects aren’t looking good. If ransomware attacks continue to expand at their current rate, the global cost of ransomware damages is projected to soar to a staggering $265 billion by 2031.

Exaggerated Accusations Of Illegal Content

Cybercriminals have little luck with this strategy in countries where downloading pirated software is common practice.

Instead, ransomware messages will falsely assert that pornographic material or other illegal content was discovered on the victim’s device and demand a ransom to be paid before the content can be deleted.

A request for payment of a fine is also included in the note.

Most Severe Ransomware Attack Ever


WannaCry, which occurred in the spring of 2017, was one of the largest ransomware attacks.

In the neighborhood of 200,000 victims from around 150 different countries were targeted in this attack and told to pay a ransom in Bitcoin.

Final Thoughts

The amount paid in ransom is only a fraction of the true total cost incurred by a ransomware attack.

To keep expenses down, you need to be able to identify an attack and take corrective action swiftly.

Protecting and securing your data adequately can safeguard it from intrusion and help you recover swiftly, saving you time and money.


Sophos, IBM, Cloud Wards, Back Blaze, ZDNet, Purplesec