Almost half of US businesses hit by ransomware, says study

US companies rarely paid the ransom

The threat of ransomware is becoming widespread among corporations, with almost half of U.S. businesses suffering an attack from the nasty form of malware recently, according to a new survey.

Security firm Malwarebytes sponsored the study, which found in June that 41 percent of U.S. businesses had at least encountered between one to five ransomware attacks in the previous 12 months.

Another 6 percent saw six or more attacks.

The study surveyed corporations in the U.S., Canada, U.K. and Germany to gauge how ransomware affected their operations.

ransomware figure

The malware, which can infect a computer and take the data hostage, can be bad for business. 34 percent of the victim corporations in the countries surveyed reported losing revenue because the ransomware had prevented access to important files.

U.S. businesses victimized by the malware generally didn’t suffer a heavy toll and only 6 percent of them reported losing revenue. In most cases, the malicious code only affected personal files.

The survey also looked at how the ransomware was affecting these enterprises, and found that generally the malware had been designed to affect desktop PCs or laptops. The infection often came through links and attachments inside emails, or from a website or web application.

The response of companies to the threat varied across countries. In the U.S, only 3 percent of the businesses hit by the ransomware decided to pay the hackers.

That’s a big difference from the Canadian businesses surveyed, of which 75 percent said they agreed to pay the ransom.

The survey said this was probably because the ransomware attacks in the U.S. often target lower-level employees and tend to only infect a few computers.

ransomware figure2 Osterman Research

More amateur cyber criminals are probably indiscriminately spreading ransomware in the U.S. like spam, the survey added. Low-level ransom demands of up to US$500 are prevalent in the U.S. However, high ransom demands of over $10,000 are more common in Germany.

Malwarebytes sponsored Osterman Research to conduct the study by surveying 540 CIOs, CISOs and IT directors across the four countries.

Join the Computerworld newsletter!

Error: Please check your email address.

More about MalwarebytesOsterman Research

Show Comments