Ransomware Trends 2024: How Much Businesses Are Paying to Recover Their Data
Ransomware remains one of the most pressing threats to organizations worldwide as cybercriminals continue to develop increasingly sophisticated tactics
In this edition of 'The Sting of Security', we focus on key findings from Hornetsecurity's 2024 Ransomware Survey, revealing how much businesses are paying to recover their data. We outline the latest trends in ransomware attacks, their impact on organizations, and the measures businesses are taking to strengthen their defenses.
A Shift in Ransomware Incidents
One of the most notable findings from this year's Hornetsecurity Ransomware survey is the decline in the overall percentage of organizations affected by ransomware attacks, with just 18.6% reporting an incident in 2024—the lowest rate since we began tracking this data in 2021. However, while fewer organizations may be falling victim, the complexity and impact of these attacks are increasing.
16.3% of Victims Paid the Ransom in 2024
The percentage of victims forced to pay a ransom to recover their data surged to 16.3% this year, compared to just 6.9% in 2023. This stark rise illustrates the growing desperation among organizations to regain access to their critical data as attackers target backup systems, traditionally the last line of defense. In fact, 14% of victims reported that their backup storage
Phishing Attacks Lead the Way
Phishing emails remain the dominant entry point for ransomware, accounting for over half of all attacks in 2024. These attacks typically involve tricking employees into clicking malicious links or downloading infected attachments, which allow ransomware to be deployed across networks. This trend emphasizes the need for ongoing employee cybersecurity training
Recommended by LinkedIn
Small Businesses Hit Hard: Most Ransom Payments Between $10K and $100K
Smaller organizations—those with 1-50 employees—are disproportionately targeted by ransomware, accounting for 55.8% of incidents. With less sophisticated defenses, small businesses face more significant risks. Alarmingly, 1 in 5 small businesses targeted by ransomware ended up paying the ransom, with 60% paying between $10,000 and $100,000. The remaining victims paid less than $10,000.
The Rise of Ransomware Insurance
More organizations are turning to ransomware insurance to mitigate the financial fallout of an attack. In 2024, 54.6% of organizations reported having a policy, a significant jump from 42.2% in 2023. However, securing insurance doesn't mean businesses can ease up on security—many insurers now require companies to meet stringent security standards
Unidentified Attack Vectors Remain a Problem
A troubling 1 in 10 organizations affected by ransomware in 2024 reported not knowing how their systems were infiltrated. This "unknown" factor makes it difficult for businesses to close security gaps, leaving them vulnerable to repeat attacks.
A Growing Threat That Requires Stronger Defences
The Hornetsecurity ransomware survey highlights that while fewer organizations may be falling victim to attacks, the complexity, impact, and financial fallout from ransomware incidents are on the rise. Organizations of all sizes must bolster their defenses with robust backup strategies, employee training, and advanced security protocols to keep pace with these evolving threats.
Read the full report here.