The median ransomware payment in the second quarter of 2022 was $36,360, a 51 percent decrease from the first quarter, according to a report released July 28 by ransomware remediation firm Coveware.
Six things to know:
- The average ransom payment in Q2 was $228,125, an 8 percent increase from the previous quarter, the report said.
- In Q2, 86 percent of ransomware attacks involved data theft and a threat to release the stolen data publicly.
- The most common ransomware attack vector in the second quarter was email phishing.
- Several smaller operations are leading ransomware attacks in Q2. These groups include BlackCat, LockBit 2.0, Hive, Quantum, Conti V2, Phobos, Black Basta and AvosLocker, the report said.
- Professional services was the most attacked sector in the second quarter, accounting for 21.9 percent of breaches, followed by the public sector (14.4 percent), the healthcare sector (10 percent) and software services (9.4 percent).
- The healthcare industry saw a light increase in the number of ransomware attacks, according to the report.
The recent decrease in payments could be attributed to the changing profile of attacked companies, as ransomware gangs tend to focus on midmarket companies rather than larger enterprises, according to the report.