Continue reading this on our app for a better experience

Open in App
Floating Button
Home Digitaledge In Focus

72% of organisations have had attacks on their backup repositories

Felicia Tan
Felicia Tan • 3 min read
72% of organisations have had attacks on their backup repositories
A third of those who paid the ransom were unable to recover their data, according to Veeam's study. Photo: Claudio Schwarz/ Unsplash
Font Resizer
Share to Whatsapp
Share to Facebook
Share to LinkedIn
Scroll to top
Follow us on Facebook and join our Telegram channel for the latest updates.

A study conducted by Veeam – a backup, recovery and data management solutions provider – has found that 72% of organisations have had partial or complete attacks made against their backup repositories in 2021.

Titled Veeam 2022 Ransomware Trends Report, the study surveyed the views of 1,000 IT leaders whose organisations had been successfully attacked by ransomware at least once during the past 12 months.

Of the successful attacks made, 80% of the attackers were found to have targeted known vulnerabilities.

About 94% of the attackers tried to prevent victims from seeking their own means of recovery without paying the ransom by attempting to destroy organisations’ backup repositories. In 72% of cases, the strategy was found to have been partially successful.

The study also found that paying the ransom to attackers isn’t a surefire way to recover data. One out of three cyber-victims that paid the ransom were unable to recover their data.

On the bright side, 19% of victims did not pay the ransom as they were able to recover their own data. Being able to do so without being at the mercy of attackers is something organisations must aspire to.

See also: Keys to achieving human-centred automation testing

“Paying cybercriminals to restore data is not a data protection strategy. There is no guarantee of recovering data, the risks of reputational damage and loss of customer confidence are high, and most importantly, this feeds a self-fulfilling prophecy that rewards criminal activity,” says Danny Allan, Veaam's chief technology officer.

“One of the hallmarks of a strong modern data protection strategy is a commitment to a clear policy that the organisation will never pay the ransom, but do everything in its power to prevent, remediate and recover from attacks,” he adds.

According to Veeam, the only way to prevent attackers from breaching the system is to have at least “one immutable or air-gapped tier within the data protection framework”.

See also: Human element still important for effective mass communication

Following the cyber attacks, 95% of the organisations surveyed stated that they now have at least one immutable or air-gapped tier, with many reporting some level of immutability or air-gap media in more than one tier of their disk, cloud and tape strategy.

“Despite the pervasive and inevitable threat of ransomware, the narrative that businesses are helpless in the face of it is not an accurate one,” says Allan.

Instead, he suggests that organisations “educate employees and ensure they practice impeccable digital hygiene”.

He adds that organisations should “regularly conduct rigorous tests of [their] data protection solutions and protocols, and create detailed business continuity plans that prepare key stakeholders for worst-case scenarios.”

Highlights

Re test Testing QA Spotlight
1000th issue

Re test Testing QA Spotlight

Get the latest news updates in your mailbox
Never miss out on important financial news and get daily updates today
×
The Edge Singapore
Download The Edge Singapore App
Google playApple store play
Keep updated
Follow our social media
© 2024 The Edge Publishing Pte Ltd. All rights reserved.