Ransomware ‘Incident Rate’ Lower for US-Based Companies: IDC
More than a third of organizations globally experienced a ransomware attack or breach that blocked access to systems or data in the past 12 months, and for those that fell victim, it was "not uncommon to have experienced multiple ransomware events,” reported IDC Thursday. Ransomware is now the “enemy of the day” and the “topic of conversation on Main Street," said analyst Frank Dickson. Ransomware threats have “evolved in sophistication” by actively “evading detection” and “leveraging multifaceted extortion,” he said. IDC analyzed ransomware attacks for the past year, finding the “incident rate” was lower for U.S.-based companies (7%) than the global worldwide rate (37%). The manufacturing and finance industries took the biggest ransomware hits, transportation, communications and media the fewest, it said. Only 13% of organizations experienced a ransomware attack without having to pay a ransom. Average ransom payments approached $250,000, but a few payments exceeding $1 million “skewed the average,” it said.