76% of companies admit to paying for ransomware

Veeam presents the findings of the Ransomware Trends 2022 report at the VeeamON 2022 conference, noting that cybercriminals successfully encrypted 47 percent of production data on average and that victims recover only 69 percent of affected data. […]

According to Viam Ransomware Trends Report 2022 to lose company The battle when it comes to defending against ransomware attacks. 72 percent of organizations were partially or completely affected by attacks on backup repositories, which greatly reduced the ability to recover data without paying the ransom.

VeeamLtd., a leading provider of backup, restore, and data management solutions for modern data protection, found that 80 percent of successful attacks targeted known vulnerabilities, underscoring the importance of patches and software upgrades. Almost all attackers tried to disable backup repositories to prevent the victim from recovering data without paying the ransom.

The 2022 Veeam Ransomware Trends Report reveals findings from an independent research firm that surveyed 1,000 IT executives. company It has been successfully attacked by ransomware at least once in the past 12 months, making it one of the biggest reports of its kind.

This preliminary study examines the main points learned from these incidents, their impact on IT environments, and the steps taken to implement modern data protection strategies to ensure future business continuity. The research project specifically interviewed four IT roles (Information Security Managers, Security Professionals, Backup Administrators and IT Operations Personnel) to understand how cyber readiness works in company alignment.

“Ransomware has revolutionized and required data theft efforts company “There is a concerted effort across industries to maximize their ability to recover data without having to pay the ransom,” said Danny Allan, chief technology officer at Veeam, because paying cybercriminals to recover data is not a data protection strategy.

There is no guarantee of data recovery, the risk of damage to reputation and customer trust is high, and most importantly, rewarding criminal activity in this way increases the incentive.”

Paying the ransom is not a recovery strategy

Who were questioned? company The majority (76%) paid the ransom to stop an attack and restore data. 52 percent paid the ransom and were able to recover the data, while 24 percent paid the ransom but were still unable to recover the data.

So the probability that paying the ransom won’t lead to any data is one in three company. Notably, 19 percent of companies did not pay the ransom because they were able to recover their private data. That’s what the remaining 81 percent have to fight for: recovering data without paying the ransom.

“One of the hallmarks of a strong modern privacy strategy is commitment to a clear policy company You will never pay a ransom, but will do everything in their power to prevent, troubleshoot, and recover from attacks,” adds Alan, NA. Educate your employees and ensure they practice impeccable digital hygiene; regularly perform rigorous testing of your data protection solutions and protocols, and create detailed business continuity plans that prepare key stakeholders for worst-case scenarios.”

Prevention requires diligence on the part of IT and users

The “attack surface” of criminals is varied. Online bad guys often gained access first to production environments by tricking their victims into clicking malicious links, visiting unsafe websites, or simply replying to sent phishing emails – demonstrating again that many of the accidents. After successfully accessing the environment, there was little difference in infection rates between servers in data centers, remote office systems, and servers hosted in the cloud.

In most cases, hackers exploited known vulnerabilities, including common operating systems and hypervisors, as well as NAS platforms and database servers, leaving no effort unchanged and exploiting all outdated or outdated software and vulnerabilities they could discover. Notably, security professionals and backup administrators reported much higher infection rates than IT operations managers or CISOs, indicating that “those closest to the problem are more aware of the issues.”

Treatment begins with stabilization

Survey respondents confirmed that 94 percent of attackers tried to destroy backup repositories, and in 72 percent of cases this strategy was at least partially successful. This one “cut the lifeline” company It is a common attack strategy because it increases the likelihood that victims will have no choice but to pay the ransom.

The only way to protect against this scenario is to have at least one immutable or physically and logically isolated layer of protection as part of the data protection infrastructure – which 95 percent of respondents did company Do according to their own information. In fact, many companies have indicated that they have some degree of stability or air gap modes in more than one layer of their disk, cloud, and tape strategy.

Other important findings from Veeam Ransomware Trends Report 2022 be:

• Coordination is important: To proactively ensure recovery of their systems, one in six IT teams (16%) automates the validation and recovery of their backups to ensure their servers can recover. When addressing a ransomware attack, 46 percent of respondents use a sandbox or test area to ensure that recovered data is “clean” before rebooting systems online.
• The alignment of the organization must be consistent: 81% believe their e-business continuity and business continuity/disaster recovery strategies company coordinated. However, 52 percent of respondents believe that the interaction between these teams needs to be improved.
• The key is to diversify the repositories: Almost all organizations (95 percent) have at least one immutable or logically isolated layer of data protection. 74 percent use cloud repositories that provide stability; 67 percent use local disk repositories with a persistence or lock function; And 22 percent use non-changeable tapes. But, static or not, companies have found that in addition to disk repositories, 45 percent of production data is still stored on tape and 62 percent moves to the cloud at some point in the data lifecycle.

The full Veeam 2022 ransomware trends report is available at https://vee.am/RW22 Ready for download.