For the second straight year, Veeam surveyed organizations that experienced ransomware attacks. The comprehensive 2023 Ransomware Trends study collected responses from 1,200 IT leaders in organizations of all sizes from every major market in the world. Their answers will raise some eyebrows and hopefully inspire you to take action to protect your organization.
Cyberattack and Ransomware Trends That Should Keep You Up at Night
The first stat in the report is probably something business leaders already know: Cyberattacks are increasing. Veeam reports a 12% increase from 2021 to 2022. The report also points out that, in response, 90% of businesses have a risk management group responsible for creating a plan to keep their data safe. However, only 35% had any confidence in their security team’s ability to protect their data.
One of the things shaking organizations’ confidence is the odds of recovering after a ransomware attack. Only 16% of companies were able to recover their data without paying a ransom. On the other hand, 80% paid, even though over 40% of respondents stated their organization had a “do not pay” policy.
Another troubling fact is that paying up is no guarantee. One out of every four who paid the ransom still could not recover their data.
What’s in the Crosshairs?
Nearly half of all respondents said the attacks affected critical production data like email accounts, databases, and sensitive files. Backups were explicitly targeted in 93% of attacks, with backup repositories affected in 75% percent of those attacks. Babe Ruth, Wayne Gretzky, and Brett Favre all reached the Halls of Fame in their sports without getting anywhere near that level of success rate.
Another ransomware trend is lengthy recovery time. Ransomware groups are primarily interested in monetizing locked-up data and systems, but they may also revel in disrupting normal operations. Recovering from attacks took respondents an average of 3.4 weeks. That translates to a total downtime of 136 business hours. Worse, more than half of businesses faced the possibility of reinfection while restoring their data in the aftermath of the attack.
What About Insurance?
Unfortunately, 21% of cyberattack victims found out the hard way that their insurance did not cover the ransom payments. While 77% percent did convince their insurance providers to cover costs, nearly three-quarters of those organizations saw their premiums increase. Many also received increased deductibles and reduced coverage benefits. It turns out that hoping your insurance will bail you out is not an effective security strategy.
Now, the Good News
Key takeaways from organizations that successfully recovered data after an attack can help you create an effective data security strategy.
Immutable cloud storage was the backup strategy of choice for 82% of companies that could recover from ransomware attacks without paying. Among the companies that successfully recovered, 88% used immutable clouds, and 64% used immutable disks and tape. More than half of survey respondents stated that their organizations planned on a hybrid recovery that includes the cloud and on-premises servers. Hyperscale cloud and Disaster Recovery as a Service (DRaaS) were the most popular responses for how IT specialists anticipated accomplishing alternate site recovery.
Three key technologies emerged from the survey as keys to an organization’s ability to recover from ransomware attacks.
- Immutable storage, both on disk and in the cloud, combined with air-gapped media to ensure clean recovery emerged as the number one takeaway.
- Staged recovery to protect against reinfection during recovery also showed its value.
- Hybrid IT structures will become even more important in the future.
How Will Your Business Respond When the Time Comes?
When you consider current ransomware trends, you’ll see it’s not a matter of if but when you will experience a ransomware attack. Veeam points out that becoming a cyberattack victim is more probable than experiencing business disruption and data loss from a fire or flood.
The report also found that the best way to ensure you can recover from a ransomware attack is secure, immutable backup.
The question now is will you be a victim who pays the criminals and hopes they spare your data? Or will you be ready to restore your data and get back to business quickly?
Let us help you take the guesswork out of your strategy. Contact us to start a discussion about a plan that works.