Ransomware demands in Japan are almost 26 times higher than in the UK, report finds

The average ransom demand for Japanese businesses was almost 26 times higher than for UK organisations in 2021, according to the latest ransomware report by Sophos.

Research conducted by the security software provider found that the UK’s average ransom payment for mid-size organisations was five times cheaper than the global average, which has soared from around $170,000 (£137,000) in 2020 to $812,360 (£645,525) in 2021.

Japanese organisations paid the highest ransoms in the world in 2021, with an average payment of $4,327,024 (£3,440,330).

Meanwhile, the 2021 average for the UK was found to be only $166,828 (£132,597), with 57% of organisations falling victim to a ransomware attack – only 4% lower than in Japan, at 61%.

However, the discrepancy in demands is due to UK organisations “being better prepared and paying ransom less often”, according to Sophos principal research scientist Chet Wisniewski.

In October 2021, the UK joined 30 other countries, including the US, Australia, and several EU members, in cracking down on ransomware payments by blocking the cryptocurrency payment channels used by cyber criminals.

Ransom demands tend to be lower to make it easier for organisations to pay them. Hackers tend to also make smaller demands if they’re aware that the targeted business uses backups to restore data in case it’s lost, Wisniewski told IT Pro.

The latest State of Ransomware report found backups to be the most popular method used to restore data, having been used by 73% of organisations where data was encrypted. Despite this, 46% of the surveyed organisations admitted to paying the ransom to restore data to maximise the speed and efficacy of having the data fully restored.

Due to the high number of ransomware attacks, Sophos has urged organisations to not only make regular backups but also practice restoring from them to minimise the disruption to business following the attack.

The cyber security provider also recommended that organisations review their security controls, proactively hunt for threats ahead of a potential attack, patch all unprotected devices, as well as prepare a plan in case of a cyber incident.