Cyberstats

Security Intelligence

VendorsExtraHop

ExtraHop

Cybersecurity reports and statistics published by ExtraHop

8 categories1 reports

Research Reports

Reports and publications from ExtraHop

2025 Global Threat Landscape Report

10/13/2025

Recent Statistics & Reports

33.3% of government sector threats were attributed to DarkSide in 2024.

10/13/2025

39.92% of manufacturing and construction organizations reported limited visibility into their entire environment.

10/13/2025

10% of organizations in the government sector experienced ransomware incidents annually.

10/13/2025
GovernmentRansomware

25.6% of government sector threats were attributed to RansomHub in 2024.

10/13/2025

13.4% of IT and security decision-makers indicated third-party/supply chain compromise as a common entry point for attackers.

10/13/2025

29.27% of ransomware incidents involved initial access as the detected phase.

10/13/2025
Ransomware detection

70% of organizations reported that they paid the ransom in 2023

10/13/2025
PaymentsRansomware

The percentage of organizations that never paid a ransom increased from 9% last year to 30% this year

10/13/2025
Ransomware

Unnamed Fortune 50 company reported a ransom payment of $75 million

10/13/2025
PaymentsRansomware payout

42.22% of finance organizations reported limited visibility into their entire environment.

10/13/2025
Visibility

33.3% of government sector threats were attributed to LockBit in 2024.

10/13/2025

4.83% of organizations reported average downtime of one week after a cyber incident.

10/13/2025
Downtime

23.26% of organizations reported average downtime of 11-24 hours after a cyber incident.

10/13/2025
Downtime

5.53% of ransomware incidents involved a ransom demand as the detected phase.

10/13/2025

37.50% of agriculture organizations reported limited visibility into their entire environment.

10/13/2025
Agriculture

23.08% of government organizations reported limited visibility into their entire environment.

10/13/2025
Government

55% of organizations reported experiencing 11 or more hours of downtime on average after a cyber incident.

10/13/2025
Downtime

In August 2024, the Rhysida ransomware group attacked the Port of Seattle, causing systems to be offline for more than three weeks.

10/13/2025
Downtime

2.33% of organizations reported average downtime of more than a week after a cyber incident.

10/13/2025
Downtime

On average, organizations take just over 2 weeks to respond to and contain a security alert from initial detection to resolution.

10/13/2025
Ransomware response

Showing first 20 results

Top Categories

Downtime
13
Ransomware
11
Ransomware detection
8
Ransomware payout
5
Payments
4
Government
3
Visibility
3
Ransomware response
3

Related Vendors

Proofpoint
17 stats
Red Canary
48 stats
CROWDSTRIKE
79 stats
Deskpro
7 stats
Kyndryl
12 stats
Cycode
10 stats