Victims pay an average of 255,000 euros, while cybercriminals demand a median amount of 1.2 million euros.
Ransomware attacks are becoming more aggressive, with rising ransom demands and faster data theft. By 2024, the median ransom amount demanded by cybercriminals will be $1.2 million, nearly double that of 2023. That’s according to the latest Incident Response Report from Unit 42, the research group of Palo Alto Networks. The researchers analyzed 500 cybersecurity incidents worldwide between October 2023 and December 2024.
Backups and disruptions
Although criminals demand high amounts, victims pay an average of 255,000 euros. This amount is still 28,650 euros higher than in 2023. Still, organizations do not give in to extortion easily. In 49.5 percent of cases, companies were able to restore a backup, which meant they did not have to pay a ransom. To still force payments, cybercriminals more often deploy additional means of pressure. In 86 percent of cases, they tried to disrupt business operations or cause reputational damage.
The cloud remains a weak spot for many organizations. In 29 percent of incidents, the attack originated in the cloud. Identity and access management is particularly at risk. Many companies do not use multifactor authentication (25%), use weak passwords (18%) or grant access rights that are too broad (14%).
Faster attacks, shorter reaction time
Hackers are working more and more efficiently. In 20 percent of cases, criminals managed to exfiltrate data within an hour. At the same time, companies are improving their detection and response. In 2021, it took an average of 26.5 days to detect a hacker, while that has now been reduced to seven days.
Phishing remains the most popular method of penetrating networks. In 23 percent of cases, attacks began with phishing, followed by vulnerabilities in APIs (19%) and stolen login credentials (16%).
According to Unit 42, cybercriminals are increasingly using AI and automation to circumvent security measures. Proactive protection and rapid detection are therefore becoming even more important.