Kidnapping has gained notoriety as a profitable business. Recently, the undergraduate daughter of a rich man in the Southeast ‘kidnapped’ herself to extort money from a wealthy uncle. She succeeded with the aid of her accomplices. But the police caught the syndicate. They confessed to committing the crime. Some of the members are at large. This must not be encouraged in any guise.
On The One Hand
Kidnapping and cybercrime are the same. One occurs physically. The other is online. Both acts hold their victims to ransom. Cybercriminals are profiting illegally from their acts.
On The Other Hand
Despite the global clampdown on cybercrime and cybercriminals, and efforts to stop the spread of ransomware, the State of Ransomware 2025 report, released by Sophos, a global leader in cybersecurity solutions, stated that nearly half of all victimised organisations paid ransom demands in 2025.
In The Long Term
The sixth annual edition of the Sophos report, which surveyed 3,400 IT and cybersecurity leaders across 17 countries, showed that 49 per cent of organisations hit by ransomware attacks opted to pay the ransom to regain access to their encrypted data. This is the second-highest payment rate recorded by Sophos in the last six years.
The report explained that while the median ransom demand decreased by a third compared to 2024, the median payment still stood at $1 million. This simply means that ransomware is profitable for cybercriminals. This has led 53 per cent of organisations to pay a ransom. They negotiated a lower settlement than initially demanded through a third party. This is akin to the kidnapping ransom settlement.
A friend shared the story of a security firm in Abuja that negotiated on behalf of kidnapped victims, and its engagements led the police to arrest the kidnappers. However, according to Chester Wisniewski, director and field CISO at Sophos, many organisations viewed the ransomware compromise as part of doing business in 2025. As a result, this has increased awareness among many companies.
He noted that among the companies that paid less than the initial demand, 71 per cent successfully negotiated a lower figure. While it signals an increasing awareness and tactical response among victim organisations, the report also noted persistent challenges.
Consider the size of the ransom paid. The report found significant variation in ransom demands based on industry and company size. Organisations with over $1 billion in revenue faced median ransom demands of $5 million. Those earning $250 million or less received demands of under $350,000. State and local governments reported the highest median ransom payments at $2.5 million, and healthcare organisations paid the lowest, at a median of $150,000.
The report stated that while attackers are still extracting sizable payments, the overall cost of ransomware recovery has dropped. In 2024, it was $2.73 million. It dropped to $1.53 million in 2025. What led to this reduction, Sophos noted, is increased preparedness, improved threat visibility and wider use of professional response services. To remedy this in the future, organisations are advised to employ multi-factor authentication (MFA).
Although the profitability of ransomware is high, the increasing resilience among targeted organisations is a sign of hope.
In The Short Term
If cybercriminals or kidnappers have held you to ransom, tell your story so that others can be enlightened.