Veeam Ransomware Report: Victims Unable to Recover 43% of Affected Data

Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime, as 41% of data is compromised during a cyberattack, according to the latest Veeam® 2024 Ransomware Trends Report.

Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime, as 41% of data is compromised during a cyberattack, according to the latest Veeam® 2024 Ransomware Trends Report. The report reveals that only 57% of the compromised data will be recovered, leaving organizations vulnerable to substantial data loss and negative business impact.

“Ransomware is endemic, impacting 3 out of 4 organizations in 2023. AI is now enabling the creation of smarter, more advanced security, but it’s also facilitating growth in the volume of sophistication of attacks,” said Dave Russell, Senior Vice President, Head of Strategy at Veeam.  Russell went on to say the message is clear: ransomware attacks will continue and be worse than predicted. The outcome will mean higher costs for organizations than anticipated.  organizations must take proactive measures to guarantee cyber resiliency and recognize that swift, thorough recovery is of utmost importance.

The third annual Veeam 2024 Ransomware Trends Report draws insights from vetted organizations that experienced at least one successful cyberattack in the preceding 12 months. With 1,200 responses analyzed, comprising executives, information security professionals, and backup administrators, the report provides a comprehensive overview of the evolving threat landscape.

Taking a Toll on Teams

Cyberattacks naturally affect an organization’s financial stability, but just as significant is the toll it has on teams and individuals. When a cyberattack strikes, 45% of respondents reported heightened pressure on IT and security teams. Additionally, 26% experienced a loss of productivity, while 25% encountered disruptions to internal or customer-related services.

The report shows that the human impact of cyberattacks cannot be overstated. 45% of surveyed individuals cited increased workload post-attack, while 40% reported heightened stress levels and other personal challenges that are difficult to mitigate on ‘normal’ days. These challenges, coupled with existing organizational struggles, further underscore the importance of effective cyber defense strategies.

Despite the increased focus on cyber-preparedness, organizations still face a misalignment between their backup and cyber teams. For the third consecutive year, close to two-thirds (63%) of organizations find their backup and cyber teams lacking synchronization. Adding to the misalignment challenges in organizations, 61% of security professionals and 75% of backup admins believe that the teams need either ‘significant improvement’ or that a complete system overhaul is required.

Paying the Ransom Does Not Equate to Recovery

For the third year in a row, the majority (81%) of organizations surveyed paid the ransom to end an attack and recover data. One in three of these organizations that paid the ransom still could not recover even after paying. And also for the third year in a row, more organizations ‘paid, but could not recover’ than those organizations that ‘recovered without paying.’

Contrary to the belief that having cyber insurance increases the likelihood of ransom payments, Veeam’s research indicates otherwise. Despite only a minority of organizations possessing a policy to pay, 81% opted to do so. Interestingly, 65% paid with insurance, and another 21% had insurance but chose to pay without making a claim. This implies that in 2023, 86% of organizations had insurance coverage that could have been utilized for a cyber event.

The average ransom paid is only 32% of the total financial impact on an organization after an attack. Additionally, cyber insurance won’t cover all the costs related to an attack. About 62% of the overall impact can be recovered through insurance or other methods, leaving the rest to be covered by the organization’s budget.

Relying on a “Good Backup”

The most common component of a cyber preparedness playbook is a “good backup.” While cyber and backup teams may not always be organizationally aligned, when asked about the existence of an incident response team (IRT) and whether that team had a playbook, a mere 2% of organizations lacked a pre-identified team. Additionally, only 3% had teams but without a playbook in place.

The Veeam 2024 Ransomware Trends Report presents several crucial insights about the state of data security and the challenges organizations face in safeguarding their information. These findings are particularly relevant for technical sales and professional audiences looking to understand the latest trends in cybersecurity and data protection.

Cloud and On-Premises Data Equally Vulnerable

One of the report’s most surprising findings is that cloud and on-premises data are equally susceptible to attacks. There was no significant variation in the amount of data affected, whether it was within data centers, remote offices, branch offices, or even hosted in public or private clouds. This indicates that all IT infrastructure is as easily accessible to attackers as it is to legitimate users. The seamless availability of IT resources to attackers underscores the need for robust security measures across all environments.

Risk of Reintroducing Infections During Recovery

The report also highlights a significant risk during the recovery process from ransomware attacks or major IT disasters. Alarmingly, almost two-thirds (63%) of organizations are at risk of reintroducing infections while attempting to restore IT operations. Under pressure to resume operations quickly and often influenced by executives, many organizations may skip critical steps such as rescanning data in quarantine. This oversight can lead to the inadvertent restoration of infected data or malware, compounding the damage and extending recovery times.

Importance of Ensuring Recoverable Data

A key lesson learned from previous cyberattacks is the importance of ensuring that data is recoverable and secure. The report indicates that a significant majority of organizations now recognize the value of immutability in their data protection strategies. Specifically, 75% of organizations are utilizing on-premises disks that can be hardened against attacks, and 85% are using cloud storage with immutability capabilities. This shift towards immutable storage solutions is a positive development, highlighting improved practices in data protection. However, with only half of the overall backup storage being immutable, there is still considerable work to be done to achieve optimal data security.

The full Veeam 2024 Ransomware Trends Report is available now for download at https://vee.am/RW24.

Engage with StorageReview

Newsletter | YouTube | Podcast iTunes/Spotify | Instagram | Twitter | TikTok | RSS Feed

Harold Fritts

I have been in the tech industry since IBM created Selectric. My background, though, is writing. So I decided to get out of the pre-sales biz and return to my roots, doing a bit of writing but still being involved in technology.

Recent Posts

IBM Expands Enterprise AI Offerings with Mistral Large on watsonx.ai

IBM has announced the addition of Mistral Large to its watsonx.ai platform, reinforcing its commitment to making high-quality, performant foundation…

1 day ago

AWS Graviton4-Powered EC2 R8g Instances Go GA

AWS EC2 R8g instances powered by the latest Graviton4 processors are GA! (more…)

4 days ago

VAST Data Platform Earns High-Performance Storage Solution Certification for NVIDIA Partner Network Cloud Partners

VAST Data achieves certification as a high-performance storage solution for NVIDIA Partner Network cloud partners. (more…)

4 days ago

Giga Computing Unveils Advanced AI and Cooling Solutions

Giga Computing, a subsidiary of GIGABYTE, recently introduced solutions to tackle complex AI workloads and improve energy efficiency through advanced…

4 days ago

Azure Stack HCI: Microsoft’s Hybrid Cloud Infrastructure Solution, Release 23H2

Azure Stack HCI represents Microsoft's cutting-edge approach to hyperconverged infrastructure (HCI), offering a seamless blend of on-premises computing power with…

4 days ago

Geyser Data—Tape Backup as-a-Service

Geyser Data offers a cost-effective backup solution using Spectra Cube tape library, LTO-9 media, and BlackPearl S3-compatible object storage. (more…)

4 days ago