The article said its figures, which were mentioned in the opening paragraph of the story, came from an IBM survey.
Writer Sean Michael Kerner contradicted himself in the very next paragraph by writing that, "46% of business respondents reported that they had experienced ransomware in their organisations. Of the 46% that have been impacted by ransomware, 70% admitted that their organisation paid the ransom" (emphasis mine).
This second paragraph tallies with the survey which says: "Almost one in two executives (46%) has some experience with ransomware attacks in the workplace, and 70% of that 46% have paid to get data back." (emphasis mine)
The eWeek story about the IBM study.
Of course, 70% of 46% is not a sexy figure; it works out to 32.2% of the 600 business executives interviewed by IBM for its study. The IBM document, incidentally, is in no way sensationalist.
eWeek was given a leg up by Slashdot which ran the story with the same sensational claim: "According to an IBM Security report released on December 14, 70% of businesses impacted by ransomware end up paying the attackers."
Clearly the folks at Slashdot, who are often mistakenly referred to as editors, did not check the original source, though they did link to it.
I posted a comment about this article on Slashdot, but while my comment was published, nobody gave it a second look.
Slashdot's promotion of the false claim on ransomware.
The comment said quite clearly: "The survey clearly says that only 46% of the businesses surveyed had experienced ransomware and _of_this_ 70% had paid to get their files back. That means about 32.2% of the total sample had paid to get their files back."
Describing itself, eWeek says: "Since 1983, eWEEK has been a trusted information resource in the IT industry, delivering technology news, in-depth analysis of enterprise IT trends, and reviews of new products."
It was just another day on the American fake news scene.