Wednesday, 18 May 2022 16:02

More proof that paying ransom might not save your data Featured

0
Shares
By
Veeam CTO Danny Allan

The Bad Guys are gunning for backups, and victims of ransomware attacks often didn't get what they paid for, according to the Veeam 2022 Ransomware Trends Report.

According to the report, 72% of surveyed organisations had partial or complete attacks on their backup repositories, restricting their ability to recover data without paying the ransom.

Almost all (94%) of attackers tried to destroy backup repositories, showing their business acumen. Worryingly, though not surprisingly, 80% of successful attacks targeted known vulnerabilities.

The majority (76%) of those attacked paid the ransom, but approximately one-third of those were unable to recover their data.

Consequently, "ransomware is top of mind for us," Veeam CTO Danny Allan told iTWire, adding that "security is about the first topic" for executives and IT professionals alike. "Unfortunately it took ransomware to make it happen."

“Ransomware has democratised data theft and requires a collaborative doubling down from organisations across every industry to maximise their ability to remediate and recover without paying the ransom,” he said.

“Paying cybercriminals to restore data is not a data protection strategy. There is no guarantee of recovering data, the risks of reputational damage and loss of customer confidence are high, and most importantly, this feeds a self-fulfilling prophecy that rewards criminal activity.”

He added "One of the hallmarks of a strong modern data protection strategy is a commitment to a clear policy that the organisation will never pay the ransom, but do everything in its power to prevent, remediate and recover from attacks.

“Despite the pervasive and inevitable threat of ransomware, the narrative that businesses are helpless in the face of it is not an accurate one. Educate employees and ensure they practice impeccable digital hygiene; regularly conduct rigorous tests of your data protection solutions and protocols; and create detailed business continuity plans that prepare key stakeholders for worst-case scenarios.”

That's not to say there isn't a place for preventative measures such as user training and keeping up with software patching.

But once attackers gained a foothold, there was very little difference in the infection rates between data centre servers, remote office platforms and cloud-hosted servers.

Veeam suggests the only way to protect against attacks that target backup repositories as well as production systems is to include at least one immutable or air-gapped tier within the data protection framework.

The good news is that 95% of respondents stated they now have – often in multiple storage tiers. 74% use cloud repositories that offer immutability; 67% use on-premises disk repositories with immutability or locking; and 22% use tape that is air-gapped. Furthermore, 45% of production data is stored on tape and 62% goes into a cloud at some point.

Other findings include the importance of recovery orchestration, and the alignment of cyber and business continuity/disaster recovery strategies.

The research was carried out by market research company Vanson Bourne among 1,000 unbiased IT leaders of organisations of all sizes from 16 countries in APJ, EMEA and the Americas.

Read 205 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

ENABLING MICROSOFT TEAMS IN THE CONTACT CENTRE

If you're looking at enabling Microsoft Teams for your contact centre, you should bookmark this webinar.

Marketing budgets are now focused on Webinars combined with Lead Generation.

Our panellists from Whangarei District Council (NZ) and Maurice Blackburn Lawyers (Aus) were closely involved in recent projects to enable Microsoft Teams for their own contact centres.

They have kindly agreed to join Enghouse and Microsoft to talk about some of the things they would recommend as most critical for IT and CX professionals planning a Teams Contact Centre migration.

Date: 11 May 2022
Time: 12pm AEST | 2pm NZST | 10am SGT

We look forward to having you join us. Please click the button below to register.

REGISTER HERE!

SONICWALL 2022 CYBER THREAT REPORT

The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.

GET REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Data
Tagged under
Stephen Withers

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Latest from Stephen Withers

Related items

Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top