RansomwareClock.org

Reported Cost of Ransomware Attacks 2025 YTD

Aggregated Estimate from Public and Private Sources, Reflects Reported Attacks Only. Actual cost estimated to be significantly higher.

The forecast for cybercrime in 2024 is harsh with attacks increasing in frequency, sophistication, and severity. We must work together to protect our companies and communities from the financial, operational, and emotional trauma of cyber-attacks.

Cyber Stats

$1.85m

average cost for remediation, business downtime, lost orders, operational costs, etc. 2X vs year ago. Recovery cost is 10X the size of the ransom payment. Sophos, The State of Ransomware 2021

93%

consider an organization's trustworthiness prior to purchasing. 59% would avoid doing business with a company cyberattacked in the past 12 months. Arcserve 2020 Survey

11 seconds

a new ransomware attack hits this year. Cybersecurity Ventures. (In the time it takes you to read this cyber stat, another business has been hit with a ransomware attack.)

207 days

days is the average time to identify a breach. Meaning the bad guys are in your system for over 6-months. IBM Security Cost of a Data Breach Report 2020.

Only 21%

of security professionals think their current security controls are adequate. Forrester State of Enterprise IoT Security in North America

21 days

days is the average downtime caused by a ransomware attack. Coveware Q4, 2020

Spotlight

CISA

The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 and is a standalone United States federal agency, organized under the Department of Homeland Security (DHS). It exists to...

RECENT ATTACKS & NEWS

April 9, 2026

Apple Intelligence AI Guardrails Bypassed in New Attack

RSAC researchers hacked Apple Intelligence using the Neural Exect method and Unicode manipulation. The post Apple Intelligence AI Guardrails Bypassed...

April 9, 2026

Can we Trust AI? No – But Eventually We Must

From hallucinations and bias to model collapse and adversarial abuse, today’s AI is built on probability rather than truth, yet...

April 9, 2026

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Dozens of such keys can be extracted from apps’ decompiled code to gain access to all Gemini endpoints. The post...

April 9, 2026

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

The bugs could allow attackers to modify protected resources and escalate their privileges to administrator. The post Palo Alto Networks,...

April 9, 2026

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven...

April 9, 2026

Google Warns of New Campaign Targeting BPOs to Steal Corporate Data

Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe...

April 9, 2026

Adobe Reader Zero-Day Exploited for Months: Researcher

Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability. The...

April 9, 2026

300,000 People Impacted by Eurail Data Breach

In December 2025, hackers stole names and passport numbers from the European travel company’s network. The post 300,000 People Impacted...

April 9, 2026

$3.6 Million Stolen in Bitcoin Depot Hack

A hacker transferred more than 50 bitcoin from the Bitcoin ATM operator’s wallets after stealing credentials. The post $3.6 Million...

April 8, 2026

Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long

Hackers vowed to revive its efforts against America when the time was right — demonstrating how digital warfare has become...

PREVENTATIVE RESOURCES

Governmental and Law Enforcement

Legal Matters

Insurance Resources

In Case of Cyber Attack Emergency

If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:

Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide
Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.
Report incidents immediately to CISA at https://us-cert.cisa.gov/report, a local FBI Field Office, or U.S. Secret Service Field Office
Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity.

Contact your Local FBI Office - https://www.fbi.gov/contact-us/field-offices

Report a Complaint to the FBI’s Internet Criminal Complaint Center: www.IC3.gov

Technical Expertise/Crisis Communications

RansomwareClock.org

RansomwareClock.org

ALL RIGHTS RESERVED 2022

RansomwareClock.org

ALL RIGHTS RESERVED 2021