It’s 2025 and almost half of you are still paying ransomware operators

The Register: “Despite warnings not to pay ransomware operators, almost half of those infected by the malware send cash to the crooks who planted it, according to infosec software slinger Sophos. The vendor surveyed 3,400 IT pros in early 2025 about their experiences over the last year and found 49 percent paid ransoms on their stolen data. That’s the second highest payment rate in six years, second only to the 56 percent payment rate from last year. Sophos also found that crooks have reduced the sums they demand by a third since 2024, and the median ransom payment fell by 50 percent. So while many victims are paying ransoms, their outlays are falling. 53 percent of respondents said they paid less than the initial ransom demand, which Sophos’s researchers feel is an indicator that ‘companies are becoming more successful at minimizing the impact of ransomware.’ However, organizations still fall victim to ransomware through well-known bad practices. The study found 32 percent of ransomware incidents flow from attackers exploiting a known vulnerability. Additionally, 40 percent of victims admitted their attackers ‘took advantage of a security gap they were not aware of.’ The use of backups to restore data is also at a six-year low, with just 54 percent of companies opting to avoid dealing with threat actors by rolling back to a known good state. ‘For many organizations, the chance of being compromised by ransomware actors is just a part of doing business in 2025,’ said Sophos field CISO Chester Wisniewski. ‘The good news is that, thanks to this increased awareness, many companies are arming themselves with resources to limit damage.’ You can read the full report here [PDF].”

Posted in: Cybercrime, Cybersecurity, E-Mail, E-Records, Internet, Legal Research