The ransomware threat is still very much alive, with 85% of organizations having suffered from at least one such attack over the past 12 months, according to Veeam’s 2023 Ransomware Trends Report.
If this trend continues, “more organizations will suffer a ransomware attack than turn a profit,” warns the report.
Veeam also found that in 93% of ransomware incidents, the threat actors target the backup repositories, resulting in 75% of victims losing at least some of their backups during the attack, and more than one-third (39%) of backup repositories being completely lost.
The report showed that organizations are still ill-prepared to face this threat.
First, most (80%) continue to pay the ransom despite multiple advisories against it. They primarily do that to get their data back, yet 21% don’t, even after paying the ransom.
Read more: Ransomware Encryption Rates Reach New Heights
Additionally, many respondents to Veeam’s survey acknowledge that progress needs to be made in incident response. For example, despite 87% claiming they have a risk management program that drives their security roadmap, only 35% believe their program is working well and 52% are seeking to improve their situation.
Moreover, while respondents cited ‘clean backup copies’ and ‘recurring verification that the backups are recoverable’ as the most common elements of the incident response playbook in preparation against a cyber-attack, 60% of organizations say there is insufficient alignment between their backup and cyber teams.
According to Danny Allan, CTO at Veeam, these findings show that companies should focus more on recovery plans. “We need to focus on effective ransomware preparedness by focusing on the basics, including strong security measures and testing both original data and backups, ensuring survivability of the backup solutions, and ensuring alignment across the backup and cyber teams for a unified stance,” he said.
Findings from Veeam’s 2023 Ransomware Trends Report come from a survey conducted by independent market research company Vanson Bourne of 1200 IT leaders representing organizations of all sizes from 14 countries in Asia, Pacific and Japan, EMEA and the Americas. The report was presented during VeeamON 2023, an online event taking place on May 22-25, 2023, and launched to the public on May 24.