IDC: More Than One-Third of Organizations Have Experienced Ransomware Attack

A new survey by IDC has found that more than one third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months. And for those that fell victim to ransomware, it is not uncommon to have experienced multiple ransomware events.

“Ransomware has become the enemy of the day; the threat that was first feared on Pennsylvania Avenue and subsequently detested on Wall Street is now the topic of conversation on Main Street,” said Frank Dickson, program vice president of Cybersecurity Products at IDC. “As the greed of cybermiscreants has been fed, ransomware has evolved in sophistication, moving laterally, elevating privileges, actively evading detection, exfiltrating data, and leveraging multifaceted extortion.”

According to the research, the incident rate was notably lower for companies based in the United States (7%) compared to the worldwide rate (37%).

The Manufacturing and Finance industries reported the highest ransomware incident rates while the Transportation, Communication, and Utilities/Media industries reported the lowest rates.

Only 13% of organizations reported experiencing a ransomware attack/breach and not paying a ransom.

While the average ransom payment was almost a quarter million dollars, a few large ransom payments (more than $1 million) skewed the average.

Organizations that are further along in their digital transformation (DX) efforts were less likely to have experienced a ransomware event. These are organizations that have committed to a long-term DX investment plan with a multi-year approach tied to enterprise strategy.

The report, “IDC’s 2021 Ransomware Study: Where You Are Matters!” presents findings from a survey of nearly 800 IT decision makers and influencers in July 2021.

Channel Impact^®
Companies should contact their channel partners to discuss a wide variety of preventative and remedial efforts such as reviewing and certifying security and data protection/recovery practices; performing stress tests; testing cyber response procedures; and increased sharing of threat intelligence with other organizations and/or government agencies.