Ransomware Attacks: Half Of All Organizations Hit By Ransomware Suffer Multiple Attacks

A new survey has revealed a startling statistic for governments and businesses that rely heavily on computer systems: organizations that have been hit by a ransomware attack are more likely to suffer from multiple attacks.

The data comes as part of the Annual Ransomware Report conducted by cloud data protection and information management firm Druva, which polled 830 information technology professionals in a number of industries.

Read: Cyberattacks: Phishing, Ransomware Attacks Rose In 2016, Symantec Reports

As the number of ransomware attacks grow, the report found that many companies are still struggling on how to respond and protect their systems. While 50 percent of those surveyed said their organization has been targeted at least once, another 50 percent indicated they had been hit on multiple occasions.

Thirty-eight percent of respondents said they were hit by two to three ransomware attacks, while 12 percent reported falling victim to 4 or more attacks, indicating that recovering from a ransomware attack doesn’t guarantee an organization is prepared for or immune from another in the future.

The majority of attacks that have hit organizations stem from endpoints—often devices used by individuals within a company who fail to follow proper security protocol and allow vulnerabilities to exist on their machine, which leads to the network becoming infected.

While 60 percent of all ransomware attacks have come from endpoint infections, one-third of all attacks target corporate servers, which can result in attacks that are far more compromising than an endpoint attack.

South Korean web hosting company Nayana recently fell victim to a server-targeted ransomware attack that took down more than 150 of its servers that hosted thousands of websites. Nayana paid the largest known ransom ever—over $1 million—just to recover from the attack.

Read: Largest Ransomware Paid: South Korean Web Host Pays More Than $1M After Attack

In most cases of ransomware attacks, it is not just a single device that is affected. The survey found that 70 percent of the time, multiple devices are hit.

This is because an attack can often go unnoticed or unaddressed until it has already spread to other machines. Those surveyed said 40 percent of the time, the ransomware was unaddressed for two hours or longer. In 11 percent of instances, it took more than eight hours for IT to be alerted to the issue.

While ransomware attacks are undoubtedly a pain, there is respite for those who are hit if they are prepared. In 82 percent of cases, organizations were able to recover from an attack simply by keeping a backup that they could restore their systems from. Ten percent lost their data completely while 5 percent paid the ransom to regain access to their data.

“It’s no longer a question of if an organization will be the victim of a ransomware attack, but when. [This report] underscores the importance of planning. Simply put, protecting data protects your bottom line,” Jaspreet Singh, CEO of Druva, said.

With widespread ransomware attacks like WannaCry and Petya hitting computer systems around the globe, companies will assuredly find themselves dealing with attempts to hold their data hostage. Being prepared for such an attack—especially with secure backups—will make the experience much less painful.