Nearly Half of Companies Opt to Pay the Ransom, Sophos Report Finds

Sophos, a global leader of innovative security solutions for defeating cyberattacks, recently released its sixth annual State of Ransomware report, a vendor-agnostic survey of IT and cybersecurity leaders across 17 countries that studies the impact of ransomware attacks on businesses. This year’s survey found that nearly 50% of companies paid the ransom to get their data back – the second-highest rate of ransom payment in the six years of the survey.

Despite the high percentage of companies that paid the ransom, over half – 53% – paid less than the original demand. In 71% of cases where the companies paid less, they did so through negotiation – either through their own negotiations or with help from a third party. In fact, while the median ransom demand dropped by a third between 2024 and 2025, the median ransom payment dropped by 50%, illustrating how companies are becoming more successful at minimizing the impact of ransomware.

Overall, the median ransom payment was one million dollars, although the initial demand varied significantly depending on organization size and revenue. The median ransom demand for companies with over $1 billion in revenue was five million dollars, while organizations with $250 million in revenue or less saw median ransom demands of less than $350,000.

For the third year in a row, exploited vulnerabilities were the number one technical root cause of attacks, while 40% of ransomware victims said adversaries took advantage of a security gap that they were not aware of – highlighting organizations’ ongoing struggle to see and secure their attack surface. Overall, 63% of organizations said resourcing issues were a factor in them falling victim to the attack, with lack of expertise named as the top operational cause in organizations with more than 3,000 people and lack of people/capacity most frequently cited by those with 251-500 employees.

Sophos recommends the following best practices to help organizations defend against ransomware and other cyberattacks:

  1. Take steps to eliminate common technical and operational root causes of attacks, such as exploited vulnerabilities. Tools like Sophos Managed Risk can help companies assess their risk profile and minimize their exposure.
  2. Ensure all endpoints (including servers) are well-defended with dedicated anti-ransomware protection.
  3. Have an incident response plan in place and tested for when things go wrong. Have good backups and practice restoring data regularly.
  4. Companies need around-the-clock monitoring and detection. If they do not have the resources in-house for this, they can work with a trusted managed detection and response (MDR) provider.