Half of ransomware victims paid hackers, according to a study
KUALA LUMPUR: Nearly 50 per cent of organisations affected by ransomware chose to pay the ransom to recover their data, the second-highest rate recorded in six years, according to cybersecurity company Sophos.
The data comes from Sophos' sixth annual State of Ransomware report, a vendor-neutral global survey of IT and cybersecurity leaders across 17 countries, offering insights into the real-world impact of ransomware on businesses.
Notably, while many victims opted to pay, 53 per cent of them ended up negotiating and paying less than the attackers' original demand.
In 71 per cent of those cases, companies managed to lower the amount through negotiation, either on their own or with the help of a third party.
The survey also found that from 2024 to 2025, the median ransom demand dropped by a third and the median payment fell by half, indicating companies are becoming more effective at limiting ransomware impact.
Overall, the median ransom payment was one million dollars, although the initial demand varied significantly depending on organisation size and revenue.
The median ransom demand for companies with over US$1 billion in revenue was five million dollars, while organisations with US$250 million in revenue or less saw median ransom demands of less than US$350,000.
Meanwhile, the study also found that for the third year in a row, exploited vulnerabilities were the leading technical root cause of attacks.
In addition, 40 per cent of ransomware victims said attackers took advantage of a security gap they were not aware of, highlighting the ongoing challenge organisations face in identifying and securing their attack surface.
Overall, 63 per cent of organisations said resourcing issues contributed to them falling victim to the attack.
Lack of expertise was the top operational cause among organisations with more than 3,000 employees, while lack of people or capacity was most often cited by those with 251 to 500 employees.
Sophos director and global field chief information security officer (CISO) Chester Wisniewski said for many organisations, the chance of being compromised by ransomware actors is just a part of doing business in 2025.
"The good news is that, thanks to this increased awareness, many companies are arming themselves with resources to limit damage.
"This includes hiring incident responders who can not only lower ransom payments but also speed up recovery and even stop attacks in progress," he said in a statement.
He added that ransomware can still be "cured" by tackling the root causes of attacks, such as exploited vulnerabilities, lack of visibility into the attack surface, and limited resources.
He noted that Sophos is seeing more companies recognise they need help and move to managed detection and response (MDR) services for defence.
"MDR coupled with proactive security strategies, such as multifactor authentication and patching, can go a long way in preventing ransomware from the start," he said.
Data for the State of Ransomware 2025 report comes from a vendor-agnostic survey of 3,400 IT and cybersecurity leaders in organisations that were hit by ransomware in the previous year.
Organisations surveyed ranged from 100 to 5,000 employees and across 17 countries.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Star
38 minutes ago
- The Star
China's Xiaomi receives almost 300,000 SUV pre-orders in minutes
A Xiaomi YU7 car at a Xiaomi store in Nanjing, eastern China on June 26, 2025. The company's electric vehicle division said on its official Weibo account that there had been 289,000 pre-orders for the five-seater YU7, priced from 253,500 yuan (RM149,454), within the first hour of sales. — AFP BEIJING: Chinese electric vehicle maker Xiaomi received almost 300,000 pre-orders within an hour for its first sport utility vehicles in what the company said was a "miraculous" moment for the industry. Lei Jun, founder and CEO of the electronics-turned-car company, said he was astonished by the reaction from customers. "My goodness, in just two minutes, we received 196,000 paid pre-orders and 128,000 lock-in orders," Lei said in a video distributed after the vehicle's launch on Thursday night. "We may be witnessing a miracle in China's automotive industry." The company's electric vehicle division said later on its official Weibo account that there had been 289,000 pre-orders for the five-seater YU7, priced from 253,500 yuan (RM 149,454 or about US$35,000), within the first hour of sales. Xiaomi's Hong Kong-listed shares soared 8% at one point before paring their gains but ending at a record high. The Beijing-based commercial tech giant made its first foray into car-making with its SU7 EV model last year, part of a broader industry push to boost domestic consumption. Initial enthusiasm for intelligent driving features in such vehicles was tempered by the fatal crash of a Xiaomi SU7 in March. The vehicle had been in assisted driving mode just before it crashed, killing three students. Premier Li Qiang used the World Economic Forum in Tianjin this week to outline China's ambition to become a "major consumption powerhouse", emphasising policies to stimulate demand for high-value goods such as electric vehicles. – AFP
New Straits Times
an hour ago
- New Straits Times
Dutch government commits 70 million euros for AI plant
AMSTERDAM: The Dutch government on Friday pledged 70 million euros (US$82 million) for the construction of an artificial intelligence plant in the northern city of Groningen. The plant, which will be managed by a consortium of Dutch organisations, is intended to become a research hub for the development of AI technologies in applications ranging from agriculture and healthcare, to energy and defence. The government has also applied for European Union co-financing worth another 70 million euros for the plant, it said in a statement, potentially adding to the 60 million that the Groningen regional administration also plans to contribute. "Those who do not develop the technology themselves are dependent on others. That is why we are fully committed to a strong, Dutch AI infrastructure", Minister of Economic Affairs Vincent Karremans said on the government's website. Europe is looking to develop its own AI infrastructure, fearing too much reliance on companies from an increasingly isolationist United States is a threat to Europe's economy and security.
New Straits Times
an hour ago
- New Straits Times
Global high-end brands bet on conceptual stores to revive sales
SHANGHAI: Louis Vuitton's latest Shanghai store is not your average luxury flagship. The 30-meter-high, ship-shaped store, "The Louis", is billed as an experience, and houses an exhibition space and cafe in Shanghai's downtown Nanjing Road shopping strip. "The Louis", which had a grand opening on Thursday, will undoubtedly draw crowds eager to post pictures to social media of its gleaming facade and the photo-ready exhibits inside. But LVMH-owned Louis Vuitton will also be hoping it can stimulate sales among Chinese consumers whose spending on luxury goods has slowed. LVMH's business strategy aligns with a broader shift among luxury goods retailers from a transactional model - where a shop merely sells goods to customers - to enticing customers with "experiences" that ultimately spur growth. The stakes are high for the luxury brands, which for years have relied on brisk sales in China to fuel their global growth, and ambitions, but are now facing a slowdown in demand in the world's second-biggest economy. The size of the Chinese market declined more than 18 per cent last year to around 350 billion yuan (US$48.80 billion) and sales are on track for a flat performance in 2025, according to estimates from consultancy Bain. Zino Helmlinger, head of China retail at real estate service provider CRBE, acknowledges that the luxury segment as a whole in China has taken "a hit" recently, though he believes the slowdown was expected. "If you look at the megastars - I mean LVMH, Kering , Richemont, Hermès - they almost tripled their profit within five years," he said. "At some point, there is some counterbalancing, there is only so much you can grow, only so much you can generate." In the first quarter, LVMH's revenue in the region that includes China fell 11 per cent on an organic basis - the Asia-Pacific excluding Japan accounts for 30 per cent of the group's total sales. Chinese consumers, hard hit by broader economic uncertainty and a prolonged property market downturn, have tightened spending on discretionary purchases - luxury branded handbags among them. Shanghai native Natalie Chen, 31, says she already owns enough "stuff" and has redirected a significant portion of the funds she once used for luxury goods to travel. "Truthfully speaking, I don't feel that buying another bag will improve my life," she said, though she has already visited a new restaurant opened by Prada in Shanghai and intends to check out Louis Vuitton's new cafe concept with girlfriends. "It brings a different kind of feeling than just in a mall," Chen said, though she was unsure the ship-shaped store would lead her to make any purchases outside of coffee and cake. Still, the luxury brands are sensing a longer term opportunity to pump-prime sales. While appetite for personal luxury goods in China and around the world is declining, hurt by economic pressures and price fatigue, sales rates of "experiential goods" are rising, according to Bain, which highlighted a surge in personalised luxury hospitality experiences and rising fine dining sales in its spring luxury report. In 2024, for example, the overall personal luxury goods market worldwide fell 1 per cent to 3 per cent even as experiential luxury spending rose 5 per cent, Bain said. LUXURY EVOLUTION New research released by real estate advisor Savills earlier this month points to this as a significant new trend in what it describes as China's "evolving" luxury market, in which people seeking out experiences are lured with more experiential luxury brand touchpoints, from restaurants to Salon Privé - private, appointment-only lounges for VIP shoppers. "All the brands are closing stores, but those that can afford to are also opening big flagships or holding some big events or exhibitions to keep their visibility extremely high," said Patrice Nordey, CEO of Shanghai-based innovation consultancy Trajectry, essentially preparing for future success when the market picks up again. Brands from Balenciaga to Chanel, Louis Vuitton and Prada have all closed stores in China since the second-half of last year. Gucci is on track to close 10 stores in the market this year, Helmlinger said. Louis Vuitton's stablemate Dior opened a cafe concept in Chengdu earlier this year, and in March Prada opened a Wong Kar Wai-designed restaurant at its Rong Zhai cultural space in Shanghai. Jeweller Tiffany and Co. recently downsized a large downtown Shanghai store, but in March it also opened a new three-storey flagship in Chengdu. Nordey says that while more people refer to this trend as "experiential" retail, it actually speaks to something much deeper. "I think it's a way of looking at your customer, either as someone that will buy products, or as an individual who is trying to have a more fulfilling life," he said. "If your purpose is not only to feed your client with consumer products, but more than that, you might actually resonate more strongly with them." While high-profile luxury store closures in mainland China have prompted speculation of brands lessening investment in a slowing market, CRBE's Helmlinger says the real story is more nuanced, indicating a strategic realignment of resources, rather than a pullback in the market. "You need to create this concept of rarity, and rarity comes with scarcity," he said. "When you have 80 or 90 stores in one market, it doesn't seem so rare anymore, it seems like it's mainstream."
