- New research requirements downtime from ransomware -attack costs government agencies thousands
- The average downtime after an attack is over 27 days
- Ransomhub is the top offender
New research from Comparitech has outlined that an important underrated aspect of ransomware costs state agencies thousands of dollars a day – downtime.
Of the over 1,000 confirmed ransomware attacks that were traced, almost a month’s downtime was lost per day. Attack on average, which cost almost $ 84,000 per Day.
For public agencies, the average downtime is higher than other sectors with healthcare on average 16 days and 12 days for producers. Although fewer than half of all ransomware events end with payment, the total amount paid in previous years has hit over $ 1 billion, so attacks can be seriously expensive all-round.
Key goal
The research indicates that government units are less equipped to overcome attacks, probably from budgetary restrictions leading to longer recovery times.
On average, attackers demanded $ 2.2 million in ransom, but it is very rarely confirmed whether or not a ransom is paid – and some governments such as the UK have launched proposals that would effectively ban state organizations from paying ransom to discourage groups from targeting them.
But this does not stop attackers where state agencies often topped the list of the most popular goals.
Critical infrastructure organizations are increasingly at risk of geopolitically motivated attacks that want to disrupt service providers and undermine confidence in public institutions.
The report outlines that the notorious group of Ransomhub is responsible for stealing most data, with over 730,000 items taken since 2018. Close behind them is ALPHV with 700,000, and brain chifs with 650,000 items stolen.
Although it is a fairly new group, Ransomhub continues to find success in attacking both public and private organizations where the group claims to have made a victim of Metlife earlier in 2025.
