IDC: Over a third of organisations worldwide have experienced ransomware in past year

Average ransom payment stood at almost $250,000

A new survey from the International Data Corporation (IDC) has found that more than a third of all organisations worldwide have experienced a ransomware attack or breach which blocked access to systems or data in the past year.

The IDC also said that it was "not uncommon" for those that fell victim to ransomware to have "experienced multiple ransomware events" and found that the incident rate outside of the US was much higher than inside the country at 37 per cent and seven per cent respectively.

"As the greed of cyber miscreants has been fed, ransomware has evolved in sophistication, moving laterally, elevating privileges, actively evading detection, exfiltrating data, and leveraging multifaceted extortion," Frank Dickson, program vice president, Cybersecurity Products at IDC, said.

The manufacturing and finance industries reported the highest ransomware incident rates while the transportation, communication, and utilities and media industries reported the lowest rates.

Only 13 per cent of organisations reported experiencing a ransomware attack and not paying a ransom, with the average ransom payment standing at almost a quarter of a million dollars which the IDC said was skewed by "a few large ransom payments" of more than $1m.

The survey comes after big tech firms including Accenture and Kaseya were hit by cyber-attacks in recent months, with the technology sector proving to be a popular target for criminal ransomware groups.