RansomwareClock.org

Reported Cost of Ransomware Attacks 2025 YTD

Aggregated Estimate from Public and Private Sources, Reflects Reported Attacks Only. Actual cost estimated to be significantly higher.

The forecast for cybercrime in 2024 is harsh with attacks increasing in frequency, sophistication, and severity. We must work together to protect our companies and communities from the financial, operational, and emotional trauma of cyber-attacks.

Cyber Stats

$1.85m

average cost for remediation, business downtime, lost orders, operational costs, etc. 2X vs year ago. Recovery cost is 10X the size of the ransom payment. Sophos, The State of Ransomware 2021

93%

consider an organization's trustworthiness prior to purchasing. 59% would avoid doing business with a company cyberattacked in the past 12 months. Arcserve 2020 Survey

11 seconds

a new ransomware attack hits this year. Cybersecurity Ventures. (In the time it takes you to read this cyber stat, another business has been hit with a ransomware attack.)

207 days

days is the average time to identify a breach. Meaning the bad guys are in your system for over 6-months. IBM Security Cost of a Data Breach Report 2020.

Only 21%

of security professionals think their current security controls are adequate. Forrester State of Enterprise IoT Security in North America

21 days

days is the average downtime caused by a ransomware attack. Coveware Q4, 2020

Spotlight

CISA

The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 and is a standalone United States federal agency, organized under the Department of Homeland Security (DHS). It exists to...

RECENT ATTACKS & NEWS

March 5, 2026

Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises

Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are...

March 5, 2026

Russian Ransomware Operator Pleads Guilty in US

Evgenii Ptitsyn was extradited to the United States from South Korea in November 2024. The post Russian Ransomware Operator Pleads...

March 5, 2026

Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild

The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities. The post Cisco...

March 5, 2026

Reclaim Security Raises $20 Million to Accelerate Remediation

The company will expand its engineering team, deepen integrations, and accelerate go-to-market initiatives. The post Reclaim Security Raises $20 Million...

March 5, 2026

LeakBase Cybercrime Forum Shut Down, Suspects Arrested

The stolen credential marketplace had been active since 2021 and in late 2025 it counted 142,000 users. The post LeakBase...

March 5, 2026

Cisco Patches Critical Vulnerabilities in Enterprise Networking Products

Cisco has rolled out patches for 48 vulnerabilities in Firewall ASA, Secure FMC, and Secure FTD products. The post Cisco...

March 4, 2026

Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks

Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in...

March 4, 2026

Tycoon 2FA Phishing Platform Dismantled in Global Takedown

The phishing-as-a-service platform was used to send fraudulent emails to over 500,000 organizations every month. The post Tycoon 2FA Phishing...

March 4, 2026

New LexisNexis Data Breach Confirmed After Hackers Leak Files

The hackers claim to have stolen 2GB of files, including 400,000 personal information records. The post New LexisNexis Data Breach...

March 4, 2026

Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance

The deal awaits final shareholder and regulatory approvals and is expected to be completed in the second half of 2026....

PREVENTATIVE RESOURCES

Governmental and Law Enforcement

Legal Matters

Insurance Resources

In Case of Cyber Attack Emergency

If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:

Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide
Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.
Report incidents immediately to CISA at https://us-cert.cisa.gov/report, a local FBI Field Office, or U.S. Secret Service Field Office
Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity.

Contact your Local FBI Office - https://www.fbi.gov/contact-us/field-offices

Report a Complaint to the FBI’s Internet Criminal Complaint Center: www.IC3.gov

Technical Expertise/Crisis Communications

RansomwareClock.org

RansomwareClock.org

ALL RIGHTS RESERVED 2022

RansomwareClock.org

ALL RIGHTS RESERVED 2021