CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Ransomware Payouts Surge to $3.6m Amid Evolving Tactics

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

The average ransomware payment has increased to $3.6 million in 2025, up from $2.5 million in 2024. This 44% surge comes despite a decline in the overall number of attacks, indicating a shift towards more targeted and higher-stakes operations. The 2025 Global Threat Landscape Report from ExtraHop highlights that cybercriminals are adopting more disciplined strategies, focusing on fewer but more impactful attacks. Organizations in critical sectors, such as healthcare, government, and finance, are experiencing the most significant financial burdens, with average payouts reaching nearly $7.5 million in some cases. The report also identifies public cloud infrastructure, third-party integrations, and generative AI applications as the top sources of cybersecurity risk, complicating defense efforts.

Timeline

  1. 21.10.2025 16:00 1 articles · 23h ago

    Ransomware Payouts Surge to $3.6m Amid Evolving Tactics

    The average ransomware payment has increased to $3.6 million in 2025, up from $2.5 million in 2024. This surge is accompanied by a decline in the overall number of attacks, indicating a shift towards more targeted and higher-stakes operations. Organizations in critical sectors, such as healthcare and government, are experiencing the most significant financial burdens, with average payouts reaching nearly $7.5 million per incident. The report also identifies public cloud infrastructure, third-party integrations, and generative AI applications as the top sources of cybersecurity risk, complicating defense efforts.

    Show sources
    Open in new tab

Information Snippets

  • The average ransomware payment increased to $3.6 million in 2025, up from $2.5 million in 2024.

    First reported: 21.10.2025 16:00
    1 source, 1 article
    Show sources

  • The number of ransomware incidents reported by organizations decreased by approximately 25% from 2024 to 2025.

    First reported: 21.10.2025 16:00
    1 source, 1 article
    Show sources

  • Seventy percent of affected organizations paid the ransom, with critical sectors facing higher payouts.

    First reported: 21.10.2025 16:00
    1 source, 1 article
    Show sources

  • Healthcare and government agencies faced the highest average payouts, nearly $7.5 million per incident.

    First reported: 21.10.2025 16:00
    1 source, 1 article
    Show sources

  • Public cloud infrastructure, third-party integrations, and generative AI applications are the top sources of cybersecurity risk.

    First reported: 21.10.2025 16:00
    1 source, 1 article
    Show sources

  • Phishing remains the leading method of infiltration, responsible for 33.7% of attacks.

    First reported: 21.10.2025 16:00
    1 source, 1 article
    Show sources

  • Threat actors typically go undetected for about two weeks once inside a network.

    First reported: 21.10.2025 16:00
    1 source, 1 article
    Show sources

  • Organizations took over two weeks to contain a security alert, with each incident leading to roughly 37 hours of downtime.

    First reported: 21.10.2025 16:00
    1 source, 1 article
    Show sources