JAKARTA - A new study revealed ransomware attacks have affected more than a third of businesses worldwide over the past 12 months. And companies that were previously victims may still be targeted again.
A report from the International Data Corporation (IDC), found businesses operating in the manufacturing and finance industries had the highest rates of ransomware incidents. Others such as the transportation, communication, and utility or media industries were also targeted.
Even though law enforcement agencies and cybersecurity experts have warned against paying the ransom, as it only makes ransomware operators more dangerous, many organizations still decide to pay. In fact, IDC says only 13 percent of companies report being attacked and don't pay.
According to IDC, the average ransom payment is nearly a quarter of a million dollars. When it comes to defending against ransomware, companies in the United States (US) appear to be doing a somewhat better job than the rest of the world, as the incidence rate in the US is seven percent, compared to the global average of 37 percent.
More on how organizations respond to ransomware, IDC found that many reviewers also endorse data security and recovery practices with partners and suppliers. Some regularly test their cyber response procedures, while others tend to share as much info as possible with threat intelligence agencies and government companies.
Ransomware is Growing Fast
In addition, IDC also found that companies engaged in their digital transformation business were less likely to fall victim to ransomware attacks.
"Along with cybercriminals' greed, ransomware has grown in sophistication, moving laterally, increasing privileges, actively evading detection, extracting data, and exploiting multifaceted extortion," said Frank Dickson, Program Vice President, Cybersecurity Products at IDC.
As long as they can expect payouts, ransomware operators don't really care about target size. As MSMEs to large corporations are equally attractive to them, therefore companies need to ensure proper cybersecurity and awareness training.
As Dickson said, ransomware has evolved. At first the premise is simple, namely to encrypt all data on the target network and request payment in cryptocurrency in exchange for the decryption key. After businesses started using backup instead of paying, ransomware operators also started stealing data, and threatened to release it online if the ransom was not paid.
Today, many carriers are throwing DDoS into the mix, threatening to cripple enterprise services until their demands are met.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)