Half of Global Companies Pay Ransom as Cyber Threats Surge: Sophos 2025 Report


Nearly 50 percent of global companies opted to pay ransoms in 2025 following ransomware attacks, according to Sophos’ sixth annual State of Ransomware report. The study, which surveyed IT and cybersecurity leaders in 17 countries, found this was the second-highest ransom payment rate in six years. Among those that paid, more than half of the respondents (53 percent) negotiated and paid less than the initial demand, signaling increased negotiation effectiveness and a more strategic response from organizations.

The median ransom payment in 2025 stood at $1 million, though initial demands varied widely with company size. Firms with revenues over $1 billion reported median demands of $5 million, while smaller firms with revenues under $250 million faced demands below $350,000. The report noted a 50 percent drop in actual ransom payments from the previous year, attributed to better negotiation and increased adoption of incident response practices.

A major technical cause of these attacks was exploited vulnerabilities, responsible for 40 percent of the cases. Many organizations admitted to not being aware of existing security gaps. Additionally, staffing and expertise shortages contributed significantly to companies’ inability to prevent or respond quickly to attacks. These issues were more acute in both large enterprises with over 3,000 employees and mid-sized firms with 251–500 staff.

Encouragingly, the report found progress in companies’ ability to stop attacks before data encryption, with 44 percent thwarting attacks mid-process, the highest in six years. The average cost of recovery dropped significantly from $2.73 million in 2024 to $1.53 million in 2025. Additionally, the percentage of companies relying on backups fell to 54 percent, the lowest in six years, indicating a shift toward negotiation and other recovery tactics.

To strengthen defenses, Sophos recommended prioritizing vulnerability management, endpoint protection, and adopting Managed Detection and Response (MDR) services. The firm emphasized the need for proactive measures like multifactor authentication and robust patching practices. Moreover, organizations were advised to maintain tested incident response plans and consistent data backup procedures to limit the impact of future attacks.

Source: This day
