Ransomware demands in Japan are almost 26 times higher than in the UK, report finds

The average ransom demand for Japanese businesses was almost 26 times higher than for UK organisations in 2021, according to the latest ransomware report by Sophos.

Research conducted by the security software provider found that the UK’s average ransom payment for mid-size organisations was five times cheaper than the global average, which has soared from around $170,000 (£137,000) in 2020 to $812,360 (£645,525) in 2021.

Japanese organisations paid the highest ransoms in the world in 2021, with an average payment of $4,327,024 (£3,440,330).

Meanwhile, the 2021 average for the UK was found to be only $166,828 (£132,597), with 57% of organisations falling victim to a ransomware attack – only 4% lower than in Japan, at 61%.

However, the discrepancy in demands is due to UK organisations “being better prepared and paying ransom less often”, according to Sophos principal research scientist Chet Wisniewski.

In October 2021, the UK joined 30 other countries, including the US, Australia, and several EU members, in cracking down on ransomware payments by blocking the cryptocurrency payment channels used by cyber criminals.

Ransom demands tend to be lower to make it easier for organisations to pay them. Hackers tend to also make smaller demands if they’re aware that the targeted business uses backups to restore data in case it’s lost, Wisniewski told IT Pro.

Related Resource

Security awareness training strategies for account takeover protection

Why you need an inside-the-perimeter strategy for internal threats

Free download

The latest State of Ransomware report found backups to be the most popular method used to restore data, having been used by 73% of organisations where data was encrypted. Despite this, 46% of the surveyed organisations admitted to paying the ransom to restore data to maximise the speed and efficacy of having the data fully restored.

Due to the high number of ransomware attacks, Sophos has urged organisations to not only make regular backups but also practice restoring from them to minimise the disruption to business following the attack. 

The cyber security provider also recommended that organisations review their security controls, proactively hunt for threats ahead of a potential attack, patch all unprotected devices, as well as prepare a plan in case of a cyber incident.

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download