RansomwareClock.org

Reported Cost of Ransomware Attacks 2025 YTD

Aggregated Estimate from Public and Private Sources, Reflects Reported Attacks Only. Actual cost estimated to be significantly higher.

The forecast for cybercrime in 2024 is harsh with attacks increasing in frequency, sophistication, and severity. We must work together to protect our companies and communities from the financial, operational, and emotional trauma of cyber-attacks.

Cyber Stats

$1.85m

average cost for remediation, business downtime, lost orders, operational costs, etc. 2X vs year ago. Recovery cost is 10X the size of the ransom payment. Sophos, The State of Ransomware 2021

93%

consider an organization's trustworthiness prior to purchasing. 59% would avoid doing business with a company cyberattacked in the past 12 months. Arcserve 2020 Survey

11 seconds

a new ransomware attack hits this year. Cybersecurity Ventures. (In the time it takes you to read this cyber stat, another business has been hit with a ransomware attack.)

207 days

days is the average time to identify a breach. Meaning the bad guys are in your system for over 6-months. IBM Security Cost of a Data Breach Report 2020.

Only 21%

of security professionals think their current security controls are adequate. Forrester State of Enterprise IoT Security in North America

21 days

days is the average downtime caused by a ransomware attack. Coveware Q4, 2020

Spotlight

CISA

The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 and is a standalone United States federal agency, organized under the Department of Homeland Security (DHS). It exists to...

RECENT ATTACKS & NEWS

March 10, 2026

Jazz Emerges From Stealth With $61M in Funding for AI-Powered DLP

The startup brings AI to data loss prevention to provide visibility into intent, context, and risk. The post Jazz Emerges...

March 10, 2026

Kai Emerges From Stealth With $125M in Funding for AI Platform Bridging IT and OT Security

The company was created by a Claroty founder and is backed by Evolution Equity Partners, N47, and other investors. The...

March 10, 2026

Webinar Today: Securing Fragile OT in an Exposed World

Join the webinar as we examine the current OT threat landscape and move past the “doom and gloom” to discuss...

March 10, 2026

SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities

A code injection bug in FS-QUO and an insecure deserialization flaw in NetWeaver could lead to arbitrary code execution. The...

March 10, 2026

Thousands Affected by Ericsson Data Breach

The telecommunications equipment and services giant has blamed the incident on a third-party vendor. The post Thousands Affected by Ericsson...

March 10, 2026

OpenAI Rolls Out Codex Security Vulnerability Scanner

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month. The post OpenAI...

March 10, 2026

Kevin Mandia’s Armadin Launches With $190 Million in Funding

Armadin uses AI-powered red teaming to find and exploit weaknesses in the same way that attackers attack them. The post...

March 10, 2026

Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign

Salesforce has confirmed that customers are being targeted via poorly secured instances. The post Hundreds of Salesforce Customers Allegedly Targeted...

March 10, 2026

Escape Raises $18 Million to Automate Pentesting

The company will deepen its platform’s AI agent capabilities and scale engineering and go-to-market teams. The post Escape Raises $18...

March 10, 2026

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. The...

PREVENTATIVE RESOURCES

Governmental and Law Enforcement

Legal Matters

Insurance Resources

In Case of Cyber Attack Emergency

If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:

Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide
Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.
Report incidents immediately to CISA at https://us-cert.cisa.gov/report, a local FBI Field Office, or U.S. Secret Service Field Office
Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity.

Contact your Local FBI Office - https://www.fbi.gov/contact-us/field-offices

Report a Complaint to the FBI’s Internet Criminal Complaint Center: www.IC3.gov

Technical Expertise/Crisis Communications

RansomwareClock.org

RansomwareClock.org

ALL RIGHTS RESERVED 2022

RansomwareClock.org

ALL RIGHTS RESERVED 2021