According to a report by Enterprise Strategy Group (ESG) and Keepit, ransomware is considered one of the top three threats to the viability of organizations by 65% of the surveyed companies. For 13% of organizations, it is even considered the biggest threat.
The report found that ransomware attacks are not uncommon and can cause significant and recurring disruptions to businesses. Among the 600 respondents, only 16% of those whose organizations had experienced a successful ransomware attack were able to fully recover all their data. This means that a staggering 84% lost data that they were unable to recoup.
To better understand organizations’ strategies against ransomware, the study explored both proactive and reactive measures taken by companies to guard against these attacks. The goal was to identify mitigation best practices and help organizations be better prepared in the next 12 to 18 months.
Keepit CTO Jakob Østergaard highlighted the effectiveness of ransomware attacks as a business model for threat actors. In most cases, companies permanently lose their data even if they meet the ransom demand. The report revealed that 85% of organizations that paid the initial ransom also experienced additional extortion attempts, with 57% paying additional fees beyond the initial demand.
Threat actors are becoming bolder in their ransomware demands, leaving targeted organizations with no choice but to comply and pay to retrieve their data and restore daily operations. Due to the increasing severity of this problem, 80% of organizations surveyed expressed their expectation of increasing spending on ransomware preparedness over the next 12 to 18 months.
Christophe Bertrand, the practice director at ESG, emphasized the need for organizations to establish updated strategies and processes to improve their data and systems recoverability. The main focus should be on data recovery after a ransomware attack, and the report aims to serve as a resource for organizations as they work towards better preparedness.
Østergaard added that fully recovering stolen data is highly unlikely for organizations, regardless of their actions. Paying the ransom often does not lead to the complete retrieval of data. Cybercriminals are increasingly targeting cloud data, rendering businesses inoperable. Consequently, organizations have to consistently increase their expenditures on ransomware preparedness. The report revealed that 74% of respondents are concerned that their backups could be compromised by ransomware.
To address these concerns, implementing measures such as the protection of cloud data and backup copies using immutable, blockchain-verified technology and encryption can help prevent the types of data loss that have become increasingly common during ransomware attacks. Additionally, storing data in a completely separate, vendor-independent infrastructure offers a return on investment in terms of preparedness.
In conclusion, ransomware continues to be a significant threat to the viability of organizations. The majority of companies surveyed have experienced data loss due to successful ransomware attacks, with only a small percentage being able to fully recover their data. As threat actors become more audacious in their demands, organizations are compelled to increase their spending on ransomware preparedness. By implementing advanced measures such as cloud data protection and utilizing separate infrastructures, organizations can strengthen their defenses against ransomware attacks and minimize potential data loss.