Cyberattacks against organisations are now a matter of “how often” and not “if”, says Danny Allan, chief technology officer (CTO) at data security firm Veeam.
Allan’s remarks come with the release of the results of Veeam’s Ransomware Trends report for 2023. The report shares insights derived from 1,200 IT leaders whose organisations suffered from at least one ransomware attack in 2022. In the 12 months that the survey was conducted, there were also nearly 3,000 cyberattacks that took place among these organisations.
According to Veeam’s 2023 Data Protection Trends Report, 85% of the organisations polled had suffered from at least one cyberattack in the last 12 months, up from the 76% of the same number of organisations polled during the year before.
“The report shows that today it’s not about if your organisation will be the target of a cyber-attack, but how often. Although security and prevention remain important, it’s critical that every organisation focuses on how rapidly they can recover by making their organisation more resilient,” says Allan.
In this year’s report, it was also found that one in seven organisations will see over 80% of its data affected as a result of a ransomware attack.
In addition, about 93% of attackers are found to almost always target backups during cyberattacks and are successful in debilitating their victims’ ability to recover about 75% of their data.
To pay or not to pay?
For the second straight year, the majority (80%) of the respondents ended up paying the ransom to end an attack to recover their data, four percentage points higher than the 76% who said they’d pay the ransom in 2022.
Of the organisations that paid, 21% were unable to retrieve their data from the cybercriminals. However, 59% of them were able to recover their data after payment.
Only 16% of the organisations polled avoided paying the ransom as they were able to recover from backups. The figure is, however, three percentage points down from the 19% in 2022’s survey.
On ensuring whether their data is “clean” during the recovery or restoration process, it was found that 44% of respondents complete some form of isolated staging to re-scan data from backup repositories prior to reintroduction into the production environment. This means that the remaining 56% run the risk of re-infecting the production environment by not having the means to ensure clean data during the recovery process.
Cyber insurance becoming too expensive
The report also reveals that relying on cyber insurance is becoming less feasible as such policies are becoming too expensive. More than one-fifth (21%) of the organisations polled stated that ransomware is now specifically excluded from such policies. Of the organisations that have cyber insurance, 74% saw their premiums increase, while 43% saw increased deductibles. Another 10% saw their coverage benefits reduced.
To this end, Veeam’s CTO Allan notes that companies need to “focus on effective ransomware preparedness”. “[This is done] by focusing on the basics, including strong security measures and testing both original data and backups, ensuring survivability of the backup solutions, and ensuring alignment across the backup and cyber teams for a unified stance,” he says.