RansomwareClock.org

Reported Cost of Ransomware Attacks 2025 YTD

Aggregated Estimate from Public and Private Sources, Reflects Reported Attacks Only. Actual cost estimated to be significantly higher.

The forecast for cybercrime in 2024 is harsh with attacks increasing in frequency, sophistication, and severity. We must work together to protect our companies and communities from the financial, operational, and emotional trauma of cyber-attacks.

Cyber Stats

$1.85m

average cost for remediation, business downtime, lost orders, operational costs, etc. 2X vs year ago. Recovery cost is 10X the size of the ransom payment. Sophos, The State of Ransomware 2021

93%

consider an organization's trustworthiness prior to purchasing. 59% would avoid doing business with a company cyberattacked in the past 12 months. Arcserve 2020 Survey

11 seconds

a new ransomware attack hits this year. Cybersecurity Ventures. (In the time it takes you to read this cyber stat, another business has been hit with a ransomware attack.)

207 days

days is the average time to identify a breach. Meaning the bad guys are in your system for over 6-months. IBM Security Cost of a Data Breach Report 2020.

Only 21%

of security professionals think their current security controls are adequate. Forrester State of Enterprise IoT Security in North America

21 days

days is the average downtime caused by a ransomware attack. Coveware Q4, 2020

Spotlight

CISA

The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 and is a standalone United States federal agency, organized under the Department of Homeland Security (DHS). It exists to...

RECENT ATTACKS & NEWS

June 26, 2026

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

AWS has patched the vulnerability and published its own advisory to inform customers about the potential impact. The post Amazon...

June 26, 2026

More Klue Breach Victims Identified as Hackers Get Hacked

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact. The post More Klue Breach Victims Identified...

June 26, 2026

In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs

Other noteworthy stories that might have slipped under the radar: Russia used Cellebrite to hack activist’s phone, Five Eyes issue...

June 26, 2026

Nebulock Raises $25 Million for AI-Native Contextual Security

The cybersecurity startup provides threat hunting, proactive detection, and behavioral security analytics. The post Nebulock Raises $25 Million for AI-Native...

June 26, 2026

Linux Foundation Unveils New Open Source Security Project Akrites

It will provide the tools and channels to report, patch, and disclose open source software vulnerabilities. The post Linux Foundation...

June 26, 2026

$3 Million Reportedly Stolen in Polymarket Hack

The decentralized prediction market said hackers targeted some of its users through a compromise of a third-party vendor. The post...

June 26, 2026

Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets

Turla has been using the backdoor against government and military organizations in Ukraine for espionage. The post Russian APT Deploys...

June 26, 2026

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild

CISA has added the remote code execution flaw CVE-2026-12569 to its Known Exploited Vulnerabilities catalog. The post First-Ever Exploitation of...

June 26, 2026

New Enterprise-Ready MCP Specification Brings New Security Challenges

A major overhaul of the Model Context Protocol shifts critical security responsibilities from the protocol itself to developers and platform...

June 26, 2026

Philip Martin Joins Uber as Chief Information Security Officer

Martin brings experience from Coinbase, Palantir, Amazon, and the U.S. Army to lead Uber’s cybersecurity and enterprise security organization. The...

PREVENTATIVE RESOURCES

Governmental and Law Enforcement

Legal Matters

Insurance Resources

In Case of Cyber Attack Emergency

If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:

Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide
Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.
Report incidents immediately to CISA at https://us-cert.cisa.gov/report, a local FBI Field Office, or U.S. Secret Service Field Office
Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity.

Contact your Local FBI Office - https://www.fbi.gov/contact-us/field-offices

Report a Complaint to the FBI’s Internet Criminal Complaint Center: www.IC3.gov

Technical Expertise/Crisis Communications

RansomwareClock.org

RansomwareClock.org

ALL RIGHTS RESERVED 2022

RansomwareClock.org

ALL RIGHTS RESERVED 2021