Over a Third of Organizations Experienced a Ransomware Attack or Breach

Over a Third of Organizations Experienced a Ransomware Attack or Breach

Foto: Depositphotos

More than one third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months, according to IDC survey. And for those that fell victim to ransomware, it is not uncommon to have experienced multiple ransomware events.

"Ransomware has become the enemy of the day; the threat that was first feared on Pennsylvania Avenue and subsequently detested on Wall Street is now the topic of conversation on Main Street," said Frank Dickson, program vice president, Cybersecurity Products at IDC. "As the greed of cybermiscreants has been fed, ransomware has evolved in sophistication, moving laterally, elevating privileges, actively evading detection, exfiltrating data, and leveraging multifaceted extortion. Welcome to digital transformation's dark side!"

The incident rate was notably lower for companies based in the United States (7%) compared to the worldwide rate (37%). The Manufacturing and Finance industries reported the highest ransomware incident rates while the Transportation, Communication, and Utilities/Media industries reported the lowest rates. Only 13% of organizations reported experiencing a ransomware attack/breach and not paying a ransom. While the average ransom payment was almost a quarter million dollars, a few large ransom payments (more than $1 million) skewed the average.

Greater awareness of ransomware incidents has prompted organizations to undertake a variety of actions in response. These include reviewing and certifying security and data protection/recovery practices with partners and suppliers; periodically stress-testing cyber response procedures; and increased sharing of threat intelligence with other organizations and/or government agencies. Greater incident awareness has similarly prompted requests from boards of directors to review security practices and ransomware response procedures.

Analysis of the survey results also showed that organizations that are further along in their digital transformation (DX) efforts were less likely to have experienced a ransomware event. These are organizations that have committed to a long-term DX investment plan with a multi-year approach tied to enterprise strategy.

More from category

Government Organizations Are Increasing Investment in AI

Government Organizations Are Increasing Investment in AI

21 Oct 2021 comment

Government organizations around the world are adopting AI to help them achieve their public purpose or mission, according to Gartner.

Global PC Shipments Grow for Sixth Consecutive Quarter

Global PC Shipments Grow for Sixth Consecutive Quarter

21 Oct 2021 comment

Global PC shipments marked their sixth consecutive quarterly growth in 3Q21 at 84.2 million units, according to Counterpoint Research.

Cybersecurity and Hybrid Working are Top Priorities for Enterprise IT

Cybersecurity and Hybrid Working are Top Priorities for Enterprise IT

20 Oct 2021 comment

The pandemic has changed technology priorities for organizations worldwide, according to a report from research group Omdia on the future of work.