In a report from software company Veeam, 75% of businesses said that they’d dealt with ransomware or malware attacks in 2023. The attacks were cited as the most common cause of technology outages, and many organizations were subjected to multiple attacks over the course of the year.
Within the ransomware recovery space, this isn’t surprising news: over the past decade, ransomware has grown from a minor threat to a multibillion-dollar industry.
For victims, paying ransoms isn’t a viable option.
In 2022, about 25% of ransomware victims said that they did not recover their data after paying their attackers. Ransomware groups have strong incentives to build malware that works well — but they don’t have as much of an incentive to create decryption tools that actually help their victims.
And in many cases, paying a ransom is illegal. Many ransomware groups are located in sanctioned countries. According to the U.S. Office of Foreign Assets Control (OFAC), payments to scammers in Russia, Iran, North Korea, and other countries may lead to fines.
Protecting against ransomware requires a proactive approach.
CISA recommends taking the following steps to prevent ransomware attacks from impacting essential operations:
- Maintain offline, encrypted backups of critical data. These backups should have multiple restore points (“golden backups” that are kept offline and less prone to infection). Backup strategies should also consider the long dormancy periods of some ransomware variants.
- Create, maintain and exercise a basic cyber incident response plan. Plans should include notification procedures for data extortion and breach incidents.
- Implement a zero-trust architecture with robust, granular access control enforcement.
Of course, these recommendations are fairly basic — but that’s the point. Without essential disaster recovery planning, organizations are at risk; the data suggests that most organizations have serious deficits.
Business leaders must take ransomware seriously in 2024.
In Veeam’s most recent survey, respondents identified the concerns that are likely to create significant retention challenges for data protection staff in 2024:
- Lack of new skills or learning opportunities.
- Inability to influence strategic direction.
- Ramifications of a cyber-attack or other disaster.
- Lack of career development/progression.
- Lack of management support.
These concerns point in one direction. Senior leadership must provide the support and resources that data protection teams need to thrive — and to prevent their enterprises from becoming part of the statistics.
Datarecovery.com can help. As experts in ransomware recovery, disaster recovery, and data protection, we work with enterprises to limit threat exposure and ensure an effective response following security incidents.
From penetration (PEN) testing and dark web monitoring to onsite ransomware recovery, we’re prepared to help businesses build robust strategies. To get started, call 1-800-237-4200 to speak with an expert or submit a request online.