Ransomware, companies surrender to hackers: 76% pay ransom

Veeam report: Only 52% are able to recover data and 24% fail to restore information, despite payment. Orchestration, business alignment and diversification of the repository are the strategies behind effective prevention 19 May 2022 L. O.

Cybersecurity, companies are losing the battle against ransomware. Veeam's Ransomware Trends Report 2022 shows that 72% of companies have suffered partial or complete attacks on their backup archives, with a dramatic impact on the ability to recover data without paying the ransom. Among the companies affected, 76% paid the ransom to end an attack and recover data. But while 52% paid and managed to recover data, 24% were unable to recover any data despite payment. Recover data without paying The report reveals that 19% of companies did not pay any ransom because they managed to recover their data. This is what the remaining 81% of cyber victims must aspire to: recover data without paying the ransom. 80% of successful attacks targeted known vulnerabilities, underscoring the importance of patching and updating software. Almost all attackers attempted to destroy backup repositories to disable data recovery capability in case of non-payment. More collaboration between companies "Ransomware has democratized data theft and requires a collaborative effort by companies in every industry to maximize their ability to remedy and recover data without paying a ransom," said Danny Allan, CTO of Veeam . Paying cybercriminals to restore data is not a strategy for data protection: there is no guarantee of data recovery, the risks of reputation damage and loss of customer trust are high and, above all, it feeds and rewards criminal activity." "One of the hallmarks of a solid strategy for Modern Data Protection is the commitment to adopt a clear policy according to which the company will never pay a ransom, but will do everything in its power to prevent, remedy and recover. Despite the pervasive and inevitable threat of ransomware, the idea that companies are powerless in the face of it is not always true. Educate employees and make sure they practice flawless digital hygiene; regularly perform rigorous testing of data protection solutions and protocols; create detailed business continuity plans that prepare key stakeholders for worst-case scenarios." Collaboration between IT managers and users The attack surface for criminals is very large, the report reads. Most of the time cybercriminals have gained access to production environments through users who have clicked on malicious links, visited unsafe websites or responded to phishing messages, thus emphasizing that many incidents can be avoided. Once you gain access to your IT environment, there are no major differences in infection rates between data center servers, remote office platforms, and cloud-hosted servers. In most cases, intruders have exploited known vulnerabilities, including those of the most common operating systems and hypervisors , NAS platforms and server databases, leaving no stone unturned and exploiting any unpatched or, more simply, outdated software. Finally, significantly higher infection rates have been reported by security professionals and backup administrators, compared to IT operations or CISOs, highlighting how those who are closer to a problem, can see it more clearly. Protection to prevent Respondents confirmed that 94% of attackers attempted to destroy backup repositories, and in 72% of cases, this strategy was at least partially successful. Removing a company's backup is a widespread attack strategy since it increases the likelihood that victims have no choice but to pay the ransom. The only way to protect yourself from this scenario is to have at least one immutable or air-gapped layer within the data protection framework – a strategy used by 95% of respondents. Many companies have said they have some level of immutability or air-gap media in more than one level of their disk, cloud, and tape strategy. Orchestration, sxirndalr alignment and diversification of the respository – recommends the eport – are the basis of an effective preventive strategy.