RESEARCH & RESOURCES

More Than 1 in 5 Companies Have Suffered a Ransomware Attack, Survey Finds

Ransomware study conducted by cybersecurity firm Hornetsecurity also found that almost 1 in 10 ransomware victims paid the ransom.

Note: TDWI’s editors carefully choose press releases related to the data and analytics industry. We have edited and/or condensed this release to highlight key information but make no claims as to its accuracy.

A recent survey of more than 820 businesses found that 21 percent of respondents had been the victim of a ransomware attack to date. Ransomware is one of the most common and effective forms of cyber threat, whereby attackers encrypt an organization’s data, rendering it unusable until a ransom is paid.

Of the 21 percent of companies that reported a ransomware attack, 9.2 percent recovered the data by paying the demanded ransom. The remaining respondents recovered the ransomed data through backups, though some still reported loss of data in the process.

According to the survey, companies with 201-500 employees reported the highest incidence of ransomware attacks (25.3 percent), while those employing 1-50 had the lowest (18.7 percent). In geographical terms, 19.6 percent of North American companies reported attacks, while those 21.2 percent of those based in Europe reported the same.

More than One in Seven Companies Do Not Protect Backups from Ransomware

Approximately 15.2 percent of all survey respondents indicated that their company does not protect their backups from ransomware. Moreover, the survey also found that 17.2 percent of reported ransomware attacks targeted backup storage. These results reveal a cause for concern: that standard on-site backups do not offer 100 percent protection against ransomware attacks. Indeed, backups must be protected against ransomware attacks through methods such as air-gapped, offsite storage or immutable storage -- two commonly reported protection methods in this survey. Additionally:

  • 9 percent of respondents also reported having no disaster recovery plan in place, meaning they are typically unprepared and unequipped to deal with an attack.
  • 7 percent of companies do not provide training to end-users on how to recognize and flag potential ransomware attacks.

End users represent one of the most effective methods of entry for ransomware attackers. Through social engineering techniques such as email phishing, end users are manipulated into providing opportunities for malicious software to be introduced into company systems. According to this survey, more than 1 out of every 4 organizations (28.7 percent) do not provide training to end users about how to recognize and handle potential ransomware threats.

Most Common Forms of Backup and Ransomware Protection and Prevention

Slightly more than 7 in 10 (71.3 percent) companies changed the way they back up their data in response to the threat of ransomware. The two most common forms of prevention observed in the survey are end-point detection software with anti-ransomware capabilities (75.6 percent) and email filtration and threat analysis (76.1 percent). Air-gapped, offsite storage is reported to be used 47.8 percent of the time -- a low percentage when considering its effectiveness at enabling extraordinary data recovery.

To read more survey results and more in-depth analysis, click here.

TDWI Membership

Get immediate access to training discounts, video library, research, and more.

Find the right level of Membership for you.