Ransomware attacks are costing Government offices a month of downtime on average

News
By published

Each day of downtime costs over $80,000

ransomware avast
(Image credit: Avast)
  • New research claims downtime from ransomware attacks is costing government agencies thousands
  • The average downtime after an attack is over 27 days
  • RansomHub is the top offender

New research from Comparitech has outlined that a key underestimated aspect of ransomware is costing Government agencies thousands of dollars per day - downtime.

Of the over 1,000 confirmed ransomware attacks tracked, nearly a month’s worth of downtime was lost per attack on average, costing nearly $84,000 per day.

For government agencies, the average downtime is higher than other sectors, with healthcare averaging 16 days, and 12 days for manufacturers. Although fewer than half of all ransomware incidents end in payment, the total amount paid in previous years has hit over $1 billion, so attacks can be seriously expensive all-round.

Key targets

The research points to government entities being less equipped to overcome attacks, most likely from budget constraints leading to longer recovery times.

On average, attackers demanded $2.2 million in ransom, but it's very rarely confirmed whether a ransom is paid or not - and some governments like the UK have launched proposals which would effectively ban state run organizations from paying ransoms in order to dissuade groups from targeting them.

But this doesn’t stop attackers, with government agencies frequently topping the list of most popular targets.

Critical infrastructure organizations are increasingly at risk of geopolitically motivated attacks, looking to disrupt service providers and undermine trust in public institutions.

The report outlines that notorious group RansomHub is responsible for stealing the most data, with over 730,000 records taken since 2018. Close behind them is ALPHV with 700,000, and Brain Cipher with 650,000 records stolen.

Although it's a fairly new group, RansomHub continues to find success in attacking both public and private organizations, with the group claiming to have made a victim of MetLife earlier in 2025.

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Read more
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Less than half of ransomware incidents end in payment - but you should still be on your guard
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Bad news - businesses who pay ransomware attackers aren’t very likely to get their data back
A digital representation of a lock
The true threat of business downtime
Representational image of a cybercriminal
Should ransomware payments be illegal?
UK Government launches ransomware protection proposals
Latest in Security
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Lock on Laptop Screen
Data breach at Pennsylvania education union potentially exposes 500,000 victims
Data leak
Top collectibles site leaks personal data of nearly a million users
Spyware
Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices
An American flag flying outside the US Capitol building against a blue sky
Five Eyes "cannot replace US intel in Ukraine", claims former US Cyber Command Chief
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Criminals are using a virtual hard disk image file to host and distribute dangerous malware
Latest in News
Hornet swings their weapon in mid air
Hollow Knight: Silksong could potentially launch this year and I reckon it could be a great game for an Xbox handheld
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Apple iPhone 16 Pro Max Review
Siri's chances to beat ChatGPT just got a whole lot better
Acer Chromebook Plus line
Chromebooks aren't dead! Acer has just launched 7 new ChromeOS laptops aimed at students and professionals
Apple Watch foldable display patent
Forget the folding iPhone – Apple has patented a foldable Apple Watch with two screens
Matt Murdock looking angry in Daredevil: Born Again season 1 episode 2
Daredevil: Born Again season 2 first look images have already spoiled how the Marvel TV show's first season will end on Disney+
More about security
Data leak

Top collectibles site leaks personal data of nearly a million users
Spyware

Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices
Beatles' Abbey Road streaming on Qobuz, on a smartphone

Qobuz reveals how much it really pays per stream, and I want to see more of this transparency to help us spend money more ethically
See more latest
Most Popular
Beatles' Abbey Road streaming on Qobuz, on a smartphone
Qobuz reveals how much it really pays per stream, and I want to see more of this transparency to help us spend money more ethically
Apple iPhone 16 Pro Max Review
Siri's chances to beat ChatGPT just got a whole lot better
Data leak
Top collectibles site leaks personal data of nearly a million users
NVIDIA
Nvidia's new Game Ready Driver repeats an annoying black screen issue from previous versions - it needs fixing ASAP
Hornet swings their weapon in mid air
Hollow Knight: Silksong could potentially launch this year and I reckon it could be a great game for an Xbox handheld
Acer Chromebook Plus line
Chromebooks aren't dead! Acer has just launched 7 new ChromeOS laptops aimed at students and professionals
AMD Ryzen 9950X3D chip next to its packaging on a pink table
Asus' AI Cache Boost promises to "pump up" your AMD Ryzen 9000 processor's AI performance
Apple Watch foldable display patent
Forget the folding iPhone – Apple has patented a foldable Apple Watch with two screens
Matt Murdock looking angry in Daredevil: Born Again season 1 episode 2
Daredevil: Born Again season 2 first look images have already spoiled how the Marvel TV show's first season will end on Disney+
Spyware
Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices