
Half of ransomware victims paid hackers, according to a study
The data comes from Sophos' sixth annual State of Ransomware report, a vendor-neutral global survey of IT and cybersecurity leaders across 17 countries, offering insights into the real-world impact of ransomware on businesses.
Notably, while many victims opted to pay, 53 per cent of them ended up negotiating and paying less than the attackers' original demand.
In 71 per cent of those cases, companies managed to lower the amount through negotiation, either on their own or with the help of a third party.
The survey also found that from 2024 to 2025, the median ransom demand dropped by a third and the median payment fell by half, indicating companies are becoming more effective at limiting ransomware impact.
Overall, the median ransom payment was one million dollars, although the initial demand varied significantly depending on organisation size and revenue.
The median ransom demand for companies with over US$1 billion in revenue was five million dollars, while organisations with US$250 million in revenue or less saw median ransom demands of less than US$350,000.
Meanwhile, the study also found that for the third year in a row, exploited vulnerabilities were the leading technical root cause of attacks.
In addition, 40 per cent of ransomware victims said attackers took advantage of a security gap they were not aware of, highlighting the ongoing challenge organisations face in identifying and securing their attack surface.
Overall, 63 per cent of organisations said resourcing issues contributed to them falling victim to the attack.
Lack of expertise was the top operational cause among organisations with more than 3,000 employees, while lack of people or capacity was most often cited by those with 251 to 500 employees.
Sophos director and global field chief information security officer (CISO) Chester Wisniewski said that for many organisations, the chance of being compromised by ransomware actors is just a part of doing business in 2025.
"The good news is that, thanks to this increased awareness, many companies are arming themselves with resources to limit damage.
"This includes hiring incident responders who can not only lower ransom payments but also speed up recovery and even stop attacks in progress," he said in a statement.
He added that ransomware can still be "cured" by tackling the root causes of attacks, such as exploited vulnerabilities, lack of visibility into the attack surface, and limited resources.
He noted that Sophos is seeing more companies recognise they need help and move to managed detection and response (MDR) services for defence.
"MDR coupled with proactive security strategies, such as multifactor authentication and patching, can go a long way in preventing ransomware from the start," he said.
Data for the State of Ransomware 2025 report comes from a vendor-agnostic survey of 3,400 IT and cybersecurity leaders in organisations that were hit by ransomware in the previous year.
The organisations surveyed ranged from 100 to 5,000 employees and spanned 17 countries.
