The average ransom demand made following a ransomware attack has risen to$2.2 million as cyber criminals are becoming bolder and have a bigger impact on the businesses they're targeting.
The amount ransomware attackers are demanding has more than doubled since 2020, when the average ransom demand for a decryption key stood at$900,000.
The figures comes from cybersecurity researchers at Palo Alto Networks, who analyzed ransomware incident response cases they were involved in during 2021.
SEE: What is ransomware? Everything you need to know about one of the biggest menaces on the web
While the final ransom payments are often much less than the initial ransom demands, they've also risen significantly in recent years. During 2020, the average ransom paid was just over$300,000, which rose to$541,000 in 2021.
Analysis of incidents suggests that for those businesses that paid a ransom when the attackers initially demanded over$3 million, the average amount paid was 43% of the ransom demand -but some cyber criminals managed to blackmail victims into paying almost the full amount they first asked for.
For example, researchers cite an incident by the BlackCat ransomware gang that saw cyber criminals demand a payment of$9 million for a decryption key and walking away with$8.5 million.
Sometimes ransomware attackers get much less than they demand; in one case, cyber criminals behind a Suncrypt ransomware attack made a ransom demand of$12 million, only to get paid just$200,000