Ransomware Study: 78% of Attack Victims Paid Ransom; 74% Suffered Multiple Strikes
A survey of nearly 1,000 IT and security professionals shows numerous organizations were targeted by ransomware attacks in the past year with a high degree of success, with most paying a ransom — many of which paid multiple times.
Semperis, a cyber resilience firm, conducted a poll of IT and security professionals at organizations spanning multiple industries across the U.S., UK, France and Germany. The highlights of the Semperis survey include:
- 74% of respondents that were attacked for ransom in the past 12 months were attacked multiple times — many within the span of a week.
- 78% of targeted organizations paid the ransom — 72% paid multiple times; 33% of those paid ransom four times or more.
- 87% of attacks caused business disruption — even for those that paid ransom — including data loss and the need to take systems offline. For 16% of respondents, the attack created a life-or-death dilemma.
- 35% of victims that paid ransom either did not receive decryption keys or received corrupted keys.
- 49% of respondents needed one to seven days to recover business operations to minimal IT functionality after a ransomware attack, and 12% needed seven days or more.
Semperis partnered with Censuswide, an international market research consultancy in London, to conduct the detailed study in the first half of 2024. The survey included 900 IT and security professionals across multiple industries, including education, finance, healthcare, manufacturing and utilities, IT and telecommunications, and travel and transportation.