Roughly a third of large international companies have faced a ransomware attack or other data breach in the last 12 months, according to a new survey by the International Data Corporation, a market intelligence company.
Analysts surveyed almost 800 companies and found that companies based in the U.S. experienced ransomware attacks at a much lower rate (7 percent) than international companies (37 percent) this past year. The survey focused on companies with more than 500 employees.
“Ransomware has become the enemy of the day,” IDC’s vice president of cybersecurity products Frank Dickson said in a press release. Dickson described this recent rise in attacks as the “dark side” of digital transformation.
Sensitive and confidential data was only exfiltrated from 18 percent of the companies surveyed. In most cases, hackers accessed data that was public or not considered valuable, the company found.
Of those surveyed by the IDC, only 13 percent reported not paying a ransom in order to restore their operations. The study also found that the average ransom payment was nearly $250,000, with some outliers reaching well over $1 million.
Paying the ransom doesn’t necessarily guarantee that a company’s systems won’t experience another attack. If anything, it might highlight key weaknesses in its operations to other attackers. Cybersecurity company Cybereason recently reported that 80 percent of ransomware victims who paid ransoms experienced another attack soon after. The IDC’s survey showed that some companies experienced as many as three to 10 attacks in the past 12 months.
Companies are often forced to shut down their operations following a ransomware attack, possibly costing them more than the ransom the hackers are requesting. A third of the companies said their business operations were disrupted for at least a week following an attack, but recent research from Coveware shows that following an attack, organizations’ systems are down for an average of 21 days.
Tech companies are not the only ones bearing the brunt of these attacks. Hospitals, universities and local governments have also become recent victims. Just last year, the University of California at San Francisco paid attackers nearly $1.14 million in Bitcoin after hackers gained access to data that the school says was important to its academic research.
“As the greed of cyber miscreants has been fed, ransomware has evolved in sophistication, moving laterally, elevating privileges, actively evading detection,” Dickson said.
These attacks also have global implications. REvil’s attack on Kaseya this past year impacted only 50 of the company’s clients, but it also affected the 800-1,500 businesses that those clients serviced around the world.
The study found that organizations that invested long term in cybersecurity and digital transformations were less likely to experience ransomware attacks. Ransomware attacks are only becoming more multifaceted and expensive for companies to deal with, so cybersecurity needs to be a higher priority.