The threat of ransomware is becoming widespread among corporations, with almost half of U.S. businesses suffering an attack from the nasty form of malware recently, according to a new survey.
Security firm Malwarebytes sponsored the study, which found in June that 41 percent of U.S. businesses had at least encountered between one to five ransomware attacks in the previous 12 months. Another 6 percent saw six or more attacks.
The study surveyed corporations in the United States, Canada, United Kingdom, and Germany to gauge how ransomware affected their operations.
The malware, which can infect a computer and take the data hostage, can be bad for business. 34 percent of the victim corporations in the countries surveyed reported losing revenue because the ransomware had prevented access to important files.
U.S. businesses victimized by the malware generally didn’t suffer a heavy toll, and only 6 percent of them reported losing revenue. In most cases, the malicious code only affected personal files.
The survey also looked at how the ransomware was affecting these enterprises, and found that generally the malware had been designed to affect desktop PCs or laptops. The infection often came through links and attachments inside emails, or from a website or web application.
The response of companies to the threat varied across countries. In the United States, only 3 percent of the businesses hit by the ransomware decided to pay the hackers.
That’s a big difference from the Canadian businesses surveyed, of which 75 percent said they agreed to pay the ransom.
The survey said this was probably because the ransomware attacks in the United States often target lower-level employees and tend to only infect a few computers.
More amateur cyber criminals are probably indiscriminately spreading ransomware in the United States like spam, the survey added. Low-level ransom demands of up to $500 are prevalent in the United States. However, high ransom demands of over $10,000 are more common in Germany.
Malwarebytes sponsored Osterman Research to conduct the study by surveying 540 CIOs, CISOs, and IT directors across the four countries.