What’s the Average Ransom Payment for a Ransomware Attack?

Ransomware is a form of cyber attack that holds your data hostage until a ransom is paid. But how much do criminals demand? And what’s the most a business has ever paid? Let’s take a look…

If your business were the target of a ransomware attack, how much do you think you’d be asked to pay to regain access to your critical data? $250,000? $500,000? Maybe. But the figure is more likely to be over a million dollars. The average ransom demand on Australian businesses is between $1.01 million and $1.25 million, depending on the source. And it’s expected to keep growing: in the space of just two years, the average ransomware payment increased by nearly 200%.

Think these demands are ridiculously high? Think again. A report shows that, in Australia, businesses are now willing to fork out almost $1,300,000 to get their hands back on their data. This figure has almost doubled from the amount organisations were willing to pay in ransom just two years ago. 

Of course, the average ransom demand varies by industry. It’s often the case that sectors with the lowest rate of attack (e.g. manufacturing and production) are hit with the highest ransom demands, while industries in which attacks are more common tend to receive a larger number of demands for lower amounts.

The biggest ransom ever paid

While the Australian Cyber Security Centre states that you should ‘never pay a ransom’ – and the American FBI follows suit – many organisations do give in to demands in a bid to save their business. 

So what’s the most a business has admitted to paying to regain access to their vital data?

In 2021, a US-based insurance company, CNA Financial, paid what is believed to be the biggest ransomware demand to date: 40 million USD, or nearly 60 million AUD. This is understood to have been negotiated down from an initial demand of almost 90 million AUD by the Russian cyber gang responsible. Just weeks later, another US company, Colonial Pipeline, paid 4.4 million USD in a separate ransomware attack. However, these are only the ransom payments that have been publicly announced. It’s likely that other businesses have quietly paid more to avoid damaging their reputations.

In Australia, a Perth-based company was subjected to one of the country’s biggest-ever ransom demands in 2020, with criminals wanting $30 million to release stolen data back to the company. And two years later, private health insurer Medibank was hit with a demand for around $15 million.

The Medibank attack is what sparked the widespread push for the Australian Government to ban businesses from paying ransoms. A more recent attack on financial services company Latitude Financial, in which 53,000 passport numbers and 7.9 million driving licence numbers were stolen, has pushed the issue further. Whether the government decides to move forward with such a ban remains to be seen.

Protecting your business

Don’t really like the sound of paying millions to access your own data? We don’t blame you! Fortunately, there are ways that you can massively reduce the likelihood of being hit with a ransom demand. Contact us at Perigon One to find out more about IT security and cyber protection.