Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime, as 41% of data is compromised during a cyberattack, according to the latest Veeam® 2024 Ransomware Trends Report.
Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime, as 41% of data is compromised during a cyberattack, according to the latest Veeam® 2024 Ransomware Trends Report. The report reveals that only 57% of the compromised data will be recovered, leaving organizations vulnerable to substantial data loss and negative business impact.
“Ransomware is endemic, impacting 3 out of 4 organizations in 2023. AI is now enabling the creation of smarter, more advanced security, but it’s also facilitating growth in the volume of sophistication of attacks,” said Dave Russell, Senior Vice President, Head of Strategy at Veeam. Russell went on to say the message is clear: ransomware attacks will continue and be worse than predicted. The outcome will mean higher costs for organizations than anticipated. organizations must take proactive measures to guarantee cyber resiliency and recognize that swift, thorough recovery is of utmost importance.
The third annual Veeam 2024 Ransomware Trends Report draws insights from vetted organizations that experienced at least one successful cyberattack in the preceding 12 months. With 1,200 responses analyzed, comprising executives, information security professionals, and backup administrators, the report provides a comprehensive overview of the evolving threat landscape.
Taking a Toll on Teams
Cyberattacks naturally affect an organization’s financial stability, but just as significant is the toll it has on teams and individuals. When a cyberattack strikes, 45% of respondents reported heightened pressure on IT and security teams. Additionally, 26% experienced a loss of productivity, while 25% encountered disruptions to internal or customer-related services.
The report shows that the human impact of cyberattacks cannot be overstated. 45% of surveyed individuals cited increased workload post-attack, while 40% reported heightened stress levels and other personal challenges that are difficult to mitigate on ‘normal’ days. These challenges, coupled with existing organizational struggles, further underscore the importance of effective cyber defense strategies.
Despite the increased focus on cyber-preparedness, organizations still face a misalignment between their backup and cyber teams. For the third consecutive year, close to two-thirds (63%) of organizations find their backup and cyber teams lacking synchronization. Adding to the misalignment challenges in organizations, 61% of security professionals and 75% of backup admins believe that the teams need either ‘significant improvement’ or that a complete system overhaul is required.
Paying the Ransom Does Not Equate to Recovery
For the third year in a row, the majority (81%) of organizations surveyed paid the ransom to end an attack and recover data. One in three of these organizations that paid the ransom still could not recover even after paying. And also for the third year in a row, more organizations ‘paid, but could not recover’ than those organizations that ‘recovered without paying.’
Contrary to the belief that having cyber insurance increases the likelihood of ransom payments, Veeam’s research indicates otherwise. Despite only a minority of organizations possessing a policy to pay, 81% opted to do so. Interestingly, 65% paid with insurance, and another 21% had insurance but chose to pay without making a claim. This implies that in 2023, 86% of organizations had insurance coverage that could have been utilized for a cyber event.
The average ransom paid is only 32% of the total financial impact on an organization after an attack. Additionally, cyber insurance won’t cover all the costs related to an attack. About 62% of the overall impact can be recovered through insurance or other methods, leaving the rest to be covered by the organization’s budget.
Relying on a “Good Backup”
The most common component of a cyber preparedness playbook is a “good backup.” While cyber and backup teams may not always be organizationally aligned, when asked about the existence of an incident response team (IRT) and whether that team had a playbook, a mere 2% of organizations lacked a pre-identified team. Additionally, only 3% had teams but without a playbook in place.
The Veeam 2024 Ransomware Trends Report presents several crucial insights about the state of data security and the challenges organizations face in safeguarding their information. These findings are particularly relevant for technical sales and professional audiences looking to understand the latest trends in cybersecurity and data protection.
Cloud and On-Premises Data Equally Vulnerable
One of the report’s most surprising findings is that cloud and on-premises data are equally susceptible to attacks. There was no significant variation in the amount of data affected, whether it was within data centers, remote offices, branch offices, or even hosted in public or private clouds. This indicates that all IT infrastructure is as easily accessible to attackers as it is to legitimate users. The seamless availability of IT resources to attackers underscores the need for robust security measures across all environments.
Risk of Reintroducing Infections During Recovery
The report also highlights a significant risk during the recovery process from ransomware attacks or major IT disasters. Alarmingly, almost two-thirds (63%) of organizations are at risk of reintroducing infections while attempting to restore IT operations. Under pressure to resume operations quickly and often influenced by executives, many organizations may skip critical steps such as rescanning data in quarantine. This oversight can lead to the inadvertent restoration of infected data or malware, compounding the damage and extending recovery times.
Importance of Ensuring Recoverable Data
A key lesson learned from previous cyberattacks is the importance of ensuring that data is recoverable and secure. The report indicates that a significant majority of organizations now recognize the value of immutability in their data protection strategies. Specifically, 75% of organizations are utilizing on-premises disks that can be hardened against attacks, and 85% are using cloud storage with immutability capabilities. This shift towards immutable storage solutions is a positive development, highlighting improved practices in data protection. However, with only half of the overall backup storage being immutable, there is still considerable work to be done to achieve optimal data security.
The full Veeam 2024 Ransomware Trends Report is available now for download at https://vee.am/RW24.
Engage with StorageReview
Newsletter | YouTube | Podcast iTunes/Spotify | Instagram | Twitter | TikTok | RSS Feed