Over one-third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months, according to new research.
A survey conducted by the International Data Corporation (IDC) found that many organizations that fell victim to ransomware experienced multiple ransomware events. In the US, the incident rate was notably lower (7%) compared to the worldwide rate of 37%.
"Ransomware has become the enemy of the day; the threat that was first feared on Pennsylvania Avenue and subsequently detested on Wall Street is now the topic of conversation on Main Street," commented Frank Dickson, program vice president within IDC’s cybersecurity products research practice. "As the greed of cyber miscreants has been fed, ransomware has evolved in sophistication, moving laterally, elevating privileges, actively evading detection, exfiltrating data and leveraging multifaceted extortion. Welcome to digital transformation's dark side."
The research, entitled IDC's 2021 Ransomware Study: Where You Are Matters!, showed that the manufacturing and finance industries reported the highest ransomware incident rates. The transportation, communication and utilities and media industries reported the lowest.
When it came to paying the piper, only 13% of organizations experienced a ransomware attack and did not pay the ransom. For those that did, the average ransom payment was almost $250,000, with a few large ransom payments of over $1m.
The report shared the responses of nearly 800 IT decision-makers and influencers. The July 2021 survey focused on topics such as attention by the board of directors, ransomware payments, size of ransomware, number of ransomware payments and the exfiltration of data.
Based on the responses, IDC found that companies further along in the digital transformation journey were less likely to have experienced a ransomware attack.
Joseph Carson, chief security scientist and advisory chief information security officer at ThycoticCentrify, believes that traditional cybersecurity solutions have failed to prevent ransomware from infecting organizations and creating mass disruption. He notes, “Conventional, signature-based antivirus programs are unable to prevent and detect these types of attacks due to the unique and quickly growing variants of ransomware.”
“Encrypting your data doesn’t necessarily deter ransomware attacks either,” he continued. “Attackers may still threaten to publicly disclose that data, expecting that others are willing to pay for the opportunity to break the encryption.”
The research comes after Accenture, the global consulting firm, was the victim of a ransomware attack known as LockBit 2.0. The Australian Cyber Security Centre (ACSC) also alerted organizations in the country that cyber-criminals were frequently using LockBit 2.0 ransomware.
“The ACSC has received reporting from several Australian organizations that have been impacted by LockBit 2.0 ransomware,” said the alert. “This activity has occurred across multiple industry sectors.”
Oliver Tavakoli, CTO at Vectra, a San Jose, California-based AI cybersecurity company, explained that while the company culture of educating employees helps prevent ransomware, it will “only get you so far.”