More than a third of organizations worldwide have suffered a ransomware attack or breach that blocked access to systems or data in the past 12 months, according to IDC research. The study also found that, among the companies that were victims of ransomware, a good share were hit by multiple ransomware events.
“As cybercriminals’ greed has been fueled, ransomware has evolved in sophistication, moving sideways, elevating privileges, evading detection, exfiltrating data and taking advantage of multiple extortion. Welcome to the dark side of digital transformation!” said Frank Dickson, vice president of cybersecurity products program at IDC.
The incident rate was notably lower in US-based companies (7%) compared to the worldwide rate (37%). Manufacturing and finance had the highest rates of ransomware incidents, while transportation, communications and utilities and media had the lowest rates.
Only 13% of organizations reported experiencing a ransomware attack or breach and not paying the ransom. While the average ransom payment was nearly a quarter of a million dollars, in some major attacks ransom payments were over $1 million, skewing the average.
Increased awareness of ransomware incidents has prompted organizations to take a variety of actions in response. This includes reviewing and certifying security practices and data protection/recovery with partners and vendors; periodic stress testing of cyber response procedures; and greater sharing of threat intelligence with other organizations or government agencies. Increased awareness of incidents has also prompted requests from boards of directors to review security practices and procedures for responding to ransomware.
Analysis of the survey results also showed that organizations that are more advanced in their digital transformation (DX) projects were less likely to experience a ransomware attack. These are organizations that have committed to a long-term DX investment plan, with a multi-year approach linked to business strategy.
For the survey, IDC polled nearly 800 IT decision makers and influencers worldwide, covering topics such as board attention, ransomware payouts, ransomware attack size, number of ransom payouts, and data exfiltration.