Announcing the 2022 Ransomware Trends Report

update notice:
The information in this blog post has been updated on November 15, 2022.

Earlier this year, Veeam published the results of the largest independent research project in the data protection industry, from 3,393 unbiased organizations across 28 countries: The 2022 Data Protection Trends Report. A few of the key findings in that research revealed:

Of those attacked, 47% of data was successfully encrypted, and of the encrypted data, only 64% was recoverable. Read that again: Simple math shows the average victim loses 17% of their data per attack.

In many ways, the annual DPR project helps Veeam understand where the industry is moving, what customers are looking for next, and ultimately, where Veeam should focus its innovations. But, as with most research projects, good data brings great questions; and that means “more research” — in this case, a complete project on the causes, impacts, remediations, and learnings from ransomware attacks. To accomplish this, Veeam again contracted with an independent research firm to survey 1,000 organizations that had been attacked by ransomware in 2021. To learn even more, they surveyed four different personas that each have unique responsibilities and perspectives regarding ransomware prevention and remediation:

Let’s dive further into some of the report’s findings.

Ransomware entry points and destinations

Similar to other attacks, ransomware breaches company defenses and focuses its attack on a certain point. The most common entry point for ransomware (according to 44% of survey respondents) was people clicking malicious links, visiting insecure websites and engaging with phishing emails.

After the breach, 80% of ransomware attacks sought mainstream systems with known vulnerabilities. The most common encryptions occurred at remote office platforms (49%), data center servers (48%) and cloud-hosted server instances (46%).

Attack effectiveness

Once data is at the mercy of hackers, a company can usually restore its environment with a backup. This fallback, however, is being challenged by hackers also looking to destroy their victim’s data backup repositories:

Not only are hackers holding data ransom through encryption, but also blocking the victim’s ability to restore data from backups. This increases the likelihood the victim will pay the ransom. Speaking of, here are our findings on payments and recovery:

Protecting backups

To prevent attackers from having the upper hand when they impact backups, many organizations are using immutable or air-gabbed backup repositories, backups that can’t be altered, to ensure recovery is possible. Most (74%) use cloud repositories that offer immutability, 67% use on-premises disk repositories with immutability or locking, and 22% use tape that is air-gapped.

Conclusion

Ransomware continues to be a major threat, affecting all types of organizations. And by sharing these statistics, we hope people will see the prevalent threat and how essential it is to have a reliable protection and backup plan in place.

There’s still more information to dive into. If you’re interested in reading the full 2022 Ransomware Trends Report, you can download it here.

Exit mobile version