Ransomware attacks come with an average recovery cost of $4.5 million, according to a recent survey, which also found a high proportion of businesses have fallen prey to the malware in the past year.
Data from Absolute Security, which surveyed 500 CISOs based in the US through Censuswide, found 72% of respondents’ firms had dealt with ransomware attacks in the 12 months prior to the survey.
Respondents registered extreme concern over the potential cost of ransomware attacks, with nearly three quarters (73%) indicating a successful ransomware attack could critically incapacitate their business.
Businesses can recover from ransomware attacks relatively quickly, with 42% of respondents doing so within 24 hours and 39% taking between one to seven days.
Others struggle, though. Around 5% of respondents took over two weeks to get their systems back to normal.
Given its potentially catastrophic impact, ransomware registers as a major concern for CISOs. In the survey, four-in-five respondents identified it as the biggest cyber worry facing their firm.
“Every organization is a target for a ransomware attack, threats are a case of when, not if, so every organization needs a policy of cyber resilience, planning to recover from threats, not just prevent them,” said Andy Ward, senior VP and GM international at Absolute Security
“Giving security teams the ability to remotely quarantine, or recover, update, and restore, compromised devices can prevent ransomware attacks from consuming an organization, preventing the spread of the breach and maintaining uptime in the face of threats,” Ward added.
“Resilience technology and protocols can then restore and rehydrate devices, wiping them of malicious malware and returning them to a secure state.”
The ransomware economy continues to evolve
Ransomware attacks continue to surge, with businesses forced to remain vigilant as ransomware groups evolve their precise attack methodology and malware strains to evade defenses.
February 2025 was the worst month on record for ransomware attacks and high profile attacks such as the Ingram Micro cyber attack, which was claimed by the SafePay ransomware group, continue to dominate headlines.
Official bodies such as the UK National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency warn against paying out to ransomware operators, as it offers no hard guarantee that data will be returned intact.
In its latest advice on ransomware, the NCSC and UK insurance bodies urged firms to seriously consider their options when dealing with ransomware and to consider the fact that every ransom paid helps fund gangs and encourages future attacks.
Across the world, governments and official advisory bodies are arguing for an end to ransomware payments. The UK government is also weighing up a ban on public organizations meeting ransomware demands.
But in the face of eye watering recovery sums such as those revealed by Absolute Security, some leaders decide to pay out even so.
In June, Sophos published evidence that half of all corporate ransomware victims are now paying up to get their data back but not before haggling the fee down with attackers.
Businesses are increasingly balancing their fears of cyber attacks against reduced budgets and spending flexibility.
In ITPro’s Future Focus 2025 report, over a third of respondents (40%) indicated their firms would spend 20% or less of their total IT budget on cybersecurity, despite increased anxieties over threats such as ransomware.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
Pure Storage’s expanded partner ecosystem helps fuel Q3 growthNews The data storage vendor has announced a 16% year-over-year revenue hike in its latest earnings report, driven by continued channel and product investment
-
Partners have been ‘critical from day one’ at AWS, and the company’s agentic AI drive means they’re more important than everNews The hyperscaler is leaning on its extensive ties with channel partners and systems integrators to drive AI adoption
-
The Scattered Lapsus$ Hunters group is targeting Zendesk customers – here’s what you need to knowNews The group appears to be infecting support and help-desk personnel with remote access trojans and other forms of malware
-
Impact of Asahi cyber attack laid bare as company confirms 1.5 million customers exposedNews No ransom has been paid, said president and group CEO Atsushi Katsuki, and the company is restoring its systems
-
If you're not taking insider threats seriously, then the CrowdStrike incident should be a big wake up callNews CrowdStrike has admitted an insider took screenshots of systems and shared them with hackers, and experts say it should serve as a wake up call for enterprises globally.
-
Shai-Hulud malware is back with a vengeance and has hit more than 19,000 GitHub repositories so far — here's what developers need to knowNews The malware has compromised more than 700 widely-used npm packages, and is spreading fast
-
Security experts claim the CVE Program isn’t up to scratch anymore — inaccurate scores and lengthy delays mean the system needs updatedNews CVE data is vital in combating emerging threats, yet inaccurate ratings and lengthy wait times are placing enterprises at risk
-
The US, UK, and Australia just imposed sanctions on a Russian cyber crime group – 'we are exposing their dark networks and going after those responsible'News Media Land offers 'bulletproof' hosting services used for ransomware and DDoS attacks around the world
-
Thousands of ASUS routers are being hijacked in a state-sponsored cyber espionage campaignNews Researchers believe that Operation WrtHug is being carried out by Chinese state-sponsored hackers
-
IBM AIX users urged to patch immediately as researchers sound alarm on critical flawsNews Network administrators should patch the four IBM AIX flaws as soon as possible
