The explosive adoption of the internet, mobile devices, and work-from-home (WFH) culture has created a big challenge for companies across the globe: dealing with ransomware attacks. And guess what, most companies are losing the battle against cybercriminals because the attacks target known vulnerabilities, which reinforces the importance of patching and upgrading software.
According to the latest Veeam 2022 Ransomware Trends report, 76% of companies that participated in the study admitted to paying a ransom to cybercriminals despite investing a whopping amount in network and data security.
To leave companies helpless, almost every ransomware attacker first destroys backup repositories to cripple the victim’s ability to recover without paying the ransom.
The report underlines the above fact by highlighting that 94% of ransomware attackers try to delete backup repositories. 72% of organizations had partial or complete attacks on their backup repositories in the past 12 months, dramatically impacting the ability to recover data without paying the ransom. What is more concerning is the fact that
The findings are based on a survey of 1,000 IT professionals whose organizations were successfully targeted by ransomware criminals at least once during the past 12 months. That adds a lot of credibility to the report, which is the largest of its kind.
Is paying ransom to cybercriminals the safest strategy for organizations to get back on track with all seized data?
The report also digs deep to learn how companies overcame the challenge once attacked with ransomware. And the findings portray quite a worrisome scenario:
- Only 52% of organizations that paid ransom to cybercriminals were able to recover data.
- Despite paying ransom to cybercriminals, 24% of organizations failed to recover data.
19% of organizations that were attacked but decided not to bow down to cybercriminals were able to recover data successfully. Though the percentage of such organizations is on the lower side, it sets a great example for other organizations not to panic or give up easily. As more companies disappoint ransomware attackers by recovering data without paying a dime, the cybercriminals will be discouraged and may stop putting in the effort required to mount ransomware attacks.
“One of the hallmarks of a strong Modern Data Protection strategy is a commitment to a clear policy that the organization will never pay the ransom, but do everything in its power to prevent, remediate and recover from attacks,” said Danny Allan, CTO at Veeam.
Ransomware attack recovery: Prevention is better than cure
Organizations must draw up a clear and strong policy of not entertaining the demands of ransomware attackers. Beyond that, educating employees to practice impeccable digital hygiene, conducting rigorous tests of data protection solutions and protocols at regular intervals, and creating detailed business continuity plans that prepare key stakeholders for worst-case scenarios are some of the best practices to keep an organization safe from such attacks.
The production environment is the favorite gateway for cybercriminals. Employees tend to click malicious links, visit unsecured websites, or even engage with phishing emails in a bid to solve their development-related challenges. Once cybercriminals succeed in gaining access to the network, they leave no stone unturned to take advantage of known vulnerabilities in databases or exploit outdated software, unpatched operating systems, etc.
So, what’s the best way to recover easily in case such attacks are successful?
The report suggests that organizations must have at least one immutable or air-gapped tier within the data protection framework. In fact, many organizations reported having some level of immutability or air-gap media in more than one tier of their disk, cloud, and tape strategy.
According to another report, ransomware attacks have increased by 24% YoY globally. The number of attacks is increasing at an alarming rate, and this has caught the attention of cybercriminals, who work in a more organized fashion than many other organizations. Ransomware gangs look alarmingly like legitimate businesses with clear management structures. Cybercriminals have developed sophisticated techniques for negotiating with victims and have refined their extortion methods over the years. Such optimization helps them extort a whopping ransom payment that the victim organization can afford.