IDC's new survey finds many victims are held to ransom multiple times as attacks become more sophisticated.
A new survey by International Data Corporation (IDC) found that more than a third of organisations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months.
For those that fell victim to ransomware, it is not uncommon to have experienced multiple ransomware events.
Wall Street to Main Street
"Ransomware has become the enemy of the day; the threat that was first feared on Pennsylvania Avenue and subsequently detested on Wall Street is now the topic of conversation on Main Street," said Frank Dickson, Program VP, Cybersecurity Products at IDC.
"As the greed of cybermiscreants has been fed, ransomware has evolved in sophistication, moving laterally, elevating privileges, actively evading detection, exfiltrating data, and leveraging multifaceted extortion. Welcome to digital transformation's dark side!"
Key findings from the survey include:
• The incident rate was notably lower for companies based in the United States (7%) compared to the worldwide rate (37%).
• Manufacturing and finance reported the highest rates of ransomware incidents, and the transportation, communication, utilities and media industries reported the lowest.
• Only 13% of organisations reported experiencing a ransomware attack or breach and not paying a ransom.
• While the average ransom payment was almost $250,000 (€213,000), a few large ransom payments of more than $1 million skewed the average.
Greater awareness of ransomware incidents has prompted organisations to undertake various actions in response. They include: reviewing and certifying security and data protection and recovery practices with partners and suppliers; periodically stress-testing cyber response procedures; and increased sharing of threat intelligence with other organisations and/or government agencies.
Greater awareness of ransomware has prompted requests from boards of directors to review security practices and ransomware response procedures.
Analysis of the survey results also showed that organisations that are further along in their digital transformation efforts were less likely to have experienced a ransomware event. These are organisations that have committed to a long-term digitalization investment plan with a multi-year approach tied to enterprise strategy.
The report, IDC's 2021 Ransomware Study: Where You Are Matters!, presents findings from the Future Enterprise Resiliency & Spending Survey of nearly 800 IT decision makers and influencers.
The July 2021 survey focused on topics such as attention by the board of directors, ransomware payments, size of the ransomware, number of ransomware payments, and the exfiltration of data.