The Ransomware Epidemic by the Numbers

June 21, 2021

During a session of the Casualty Actuarial Society Seminar on Reinsurance in June, Alexander Podmore, AVP and cyber underwriter for Swiss Re, defined a growing problem for cyber insurers—ransomware—and shared some data to underscore just how bad things are getting.

Cyber Underwriting Changes: Is It Too Little Too Late?”

Ransomware is a form of malware that enters an insured’s network causing an encryption of data and systems, rendering them unusable until the victim restores their data and systems from backups, and incurs the relevant business interruption costs, or the victim pays a ransom demand to the hacker to provide safe return of the encryption key to restore access to the data and systems.

Citing figures from the latest quarterly report of Coveware, a firm that helps businesses remediate ransomware, Podmore noted that the average ransom payment in first-quarter 2021 was just shy of $250,000, having risen from “the low hundreds of dollars” in third-quarter 2018. In the space of two years, there has been an exponential increase, he said.

Below are some other figures and highlights from recent Coveware reports.

Sources: Quarterly reports from

Q1 2021: Ransomware Attack Vectors Shift as New Software Vulnerability Exploits Abound

Q4 2020: Ransomware Payments Decline in Q4 2020

Q3 2020: Q3 Ransomware Demands Rise: Maze Sunsets & Ryuk Returns

Q2 2020: Ransomware Attacks Split Between Enterprise & RaaS

Q1 2020: Ransomware Payments Up 33% in Q1 2020

Q4 2019: Ransomware Costs Double in Q4 as Ryuk Sodinokibi Proliferate

(Coveware: Ransomware Recovery First Responders)

In several of the quarterly reports, Coveware notes that although victims may decide there are valid reasons to pay to prevent the public sharing of stolen data, Coveware’s policy is to advise victims of data exfiltration extortion to expect that even if they opt to pay: