While 80% of surveyed respondents pay the ransom after a ransomware attack, only one out of five were able to recover their data. Even fewer organizations (only 16%) recovered without paying ransom, declining from 19% in the previous study. Moreover, the 2023 Ransomware Trends Report published in May 2023 revealed that 93% of cyberattacks directly targeted backup repositories. This report contains insights on protecting the repositories and use of immutability, including:
- Were you able to recover after paying the ransom?
- Did the ransomware attack target backup repositories?
- How many of the backup repositories did the cyber criminals modify or delete?
- How are offline, air-gapped or immutable backups used to protect repositories?
- How much of an organization’s storage capacity for their disk-based backup repository is resistant to ransomware?
In terms of resiliency to ransomware, only half of disk-based storage is considered survivable and is slightly higher for large enterprises. Lessons learned on how organizations are protecting repositories using air-gapped or immutable backups showed that 82% have adopted a pathway towards immutable cloud. These results identified a considerable increase in use of cloud services, including BaaS or DRaaS, compared to the prior study. Over two-thirds of organizations currently use immutable disks and tape in their existing IT environment. Watch this video for more highlights or see the 2023 Data Protection Trends Report from Veeam that was contracted with a global research firm to survey organizations of all sizes across 14 countries around the world.
The 2023 Ransomware Trends Report provides insights into:
- Organizational alignment between cyber and backup teams — and their executive leadership
- What is in most risk management roadmaps and incident response playbooks?
- How were ransoms paid and what is changing in cyber insurance?
- How many organizations — even if they had policies not to — were able to recover?
- How pervasive was the attack and how much data were they able to eventually recover?
- Were the criminals able to affect the backup repositories or were they prevented from doing so?
- How did organizations ensure they would not reinfect their environments during recovery?
The first look at the Ransomware Trends 2023 data was presented at VeeamON 2023, the Community Event for Data Recovery Experts in May 2023. Over the next several weeks, we’ll be looking at the topics below, unpacking the research results and discussing how these findings are affecting cyber resiliency strategies for 2023 and beyond.
Be sure to check out our June 20 LinkedIn Live session on continued coverage in this series — and keep an eye out for more in this blog series, with additional blog posts and corresponding livestream sessions:
- What are organizations’ recovery strategies moving forward and how do they intend to recover from the next cyberattack or other disaster?
- How do you ensure you are not re-infecting your environment during recovery?
We hope to connect with you on the June 20 LinkedIn Live session, and remember to download the full report at 2023 Ransomware Trends Report.
If you have questions about this or any of Veeam’s many other research projects, feel free to contact us at StrategicResearch@veeam.com.
About the 2023 Ransomware Report: the 2023 Ransomware Trends Report is the latest and largest research report based on unbiased cyber victims in the history of backup and availability, as surveyed by an independent research firm with 1,200 responses from 14 countries that summarizes nearly 3,000 cyberattacks. Download the full 2023 Ransomware Trends Report to get access to all the lessons learned from other CISOs, SecPros, IT Ops and Backup Admins. Want to learn more about cyber resiliency solutions at Veeam? Visit the Veeam Ransomware Solutions page.