Dutch researchers analyzed police and incident response data to understand what factors contribute to a ransomware victim’s likelihood of paying. They found that companies working with third-party incident response firms were the most willing to pay their extortionists, and that insurance coverage or data exfiltrated in the attack correlated with higher ransom payments but not necessarily with paying a ransom in the first place. Among the 430 victims studied, 28% reported paying a ransom, with the average payment being approximately €431,000 (about $469,781). The study also found that companies with insurance paid significantly higher ransoms than those without. Additionally, companies with backed-up data were less likely to pay a ransom, but when they did, they paid more than those without backups. The study concluded that companies who hired incident response firms were more likely to pay a ransom compared to those who only reported incidents to the police. It also found that information technology companies were the most lucrative target for ransomware actors, likely due to the critical services they provide. Additionally, the researchers corrected a previous statement, clarifying that data exfiltration increases the amount of payment but does not correlate with a higher likelihood of payment. This study provides valuable insights into ransomware incidents and the factors that influence victim behavior.


Full Stack Developer

About the Author

I’m passionate about web development and design in all its forms, helping small businesses build and improve their online presence. I spend a lot of time learning new techniques and actively helping other people learn web development through a variety of help groups and writing tutorials for my blog about advancements in web design and development.

View Articles