IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Ransomware demands in Japan are almost 26 times higher than in the UK, report finds

Ransom demands tend to be lower in order to make it easier for organisations to pay them, according to Sophos researchers

The average ransom demand for Japanese businesses was almost 26 times higher than for UK organisations in 2021, according to the latest ransomware report by Sophos.

Research conducted by the security software provider found that the UK’s average ransom payment for mid-size organisations was five times cheaper than the global average, which has soared from around $170,000 (£137,000) in 2020 to $812,360 (£645,525) in 2021.

Japanese organisations paid the highest ransoms in the world in 2021, with an average payment of $4,327,024 (£3,440,330).

Meanwhile, the 2021 average for the UK was found to be only $166,828 (£132,597), with 57% of organisations falling victim to a ransomware attack – only 4% lower than in Japan, at 61%.

However, the discrepancy in demands is due to UK organisations “being better prepared and paying ransom less often”, according to Sophos principal research scientist Chet Wisniewski.

In October 2021, the UK joined 30 other countries, including the US, Australia, and several EU members, in cracking down on ransomware payments by blocking the cryptocurrency payment channels used by cyber criminals.

Ransom demands tend to be lower to make it easier for organisations to pay them. Hackers tend to also make smaller demands if they’re aware that the targeted business uses backups to restore data in case it’s lost, Wisniewski told IT Pro.

Related Resource

Security awareness training strategies for account takeover protection

Why you need an inside-the-perimeter strategy for internal threats

Security awareness training strategies for account takeover protection - whitepaper from MimecastFree download

The latest State of Ransomware report found backups to be the most popular method used to restore data, having been used by 73% of organisations where data was encrypted. Despite this, 46% of the surveyed organisations admitted to paying the ransom to restore data to maximise the speed and efficacy of having the data fully restored.

Due to the high number of ransomware attacks, Sophos has urged organisations to not only make regular backups but also practice restoring from them to minimise the disruption to business following the attack. 

The cyber security provider also recommended that organisations review their security controls, proactively hunt for threats ahead of a potential attack, patch all unprotected devices, as well as prepare a plan in case of a cyber incident.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

18 May 2022
The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Researchers demonstrate how to install malware on iPhone after it's switched off
Security

Researchers demonstrate how to install malware on iPhone after it's switched off

18 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022