A third of those who paid the ransom were unable to recover their data, according to Veeam's study.
A study conducted by Veeam – a backup, recovery and data management solutions provider – has found that 72% of organisations have had partial or complete attacks made against their backup repositories in 2021.
Titled Veeam 2022 Ransomware Trends Report, the study surveyed the views of 1,000 IT leaders whose organisations had been successfully attacked by ransomware at least once during the past 12 months.
Of the successful attacks made, 80% of the attackers were found to have targeted known vulnerabilities.
About 94% of the attackers tried to prevent victims from seeking their own means of recovery without paying the ransom by attempting to destroy organisations’ backup repositories. In 72% of cases, the strategy was found to have been partially successful.
The study also found that paying the ransom to attackers isn’t a surefire way to recover data. One out of three cyber-victims that paid the ransom were unable to recover their data.
On the bright side, 19% of victims did not pay the ransom as they were able to recover their own data. Being able to do so without being at the mercy of attackers is something organisations must aspire to.
“Paying cybercriminals to restore data is not a data protection strategy. There is no guarantee of recovering data, the risks of reputational damage and loss of customer confidence are high, and most importantly, this feeds a self-fulfilling prophecy that rewards criminal activity,” says Danny Allan, Veaam's chief technology officer.
“One of the hallmarks of a strong modern data protection strategy is a commitment to a clear policy that the organisation will never pay the ransom, but do everything in its power to prevent, remediate and recover from attacks,” he adds.
According to Veeam, the only way to prevent attackers from breaching the system is to have at least “one immutable or air-gapped tier within the data protection framework”.
Following the cyber attacks, 95% of the organisations surveyed stated that they now have at least one immutable or air-gapped tier, with many reporting some level of immutability or air-gap media in more than one tier of their disk, cloud and tape strategy.
“Despite the pervasive and inevitable threat of ransomware, the narrative that businesses are helpless in the face of it is not an accurate one,” says Allan.
Instead, he suggests that organisations “educate employees and ensure they practice impeccable digital hygiene”.
He adds that organisations should “regularly conduct rigorous tests of [their] data protection solutions and protocols, and create detailed business continuity plans that prepare key stakeholders for worst-case scenarios.”