Ransomware attacks occur at a staggering rate of once every 10 seconds worldwide, leaving victims with their most crucial files and data scrambled and unreadable. In many cases, the only recourse for those targeted is to acquiesce to the demands of the cybercriminals and pay the ransom to regain control of their valuable information.

According to a recent survey, the majority of people who are targeted by ransomware attacks end up paying the ransom, but only a small fraction are able to successfully recover their data. The percentage of organizations that are able to recover their data without paying the ransom has decreased slightly in recent years. Additionally, a report published in May 2023 found that backup repositories are a popular target for cyberattacks, with a large majority of attacks directly aimed at these repositories. The report offers advice on how to protect these repositories, including the use of immutability.

1. Was it possible to retrieve the data after paying the ransom?
2. Was the ransomware attack specifically aimed at backup repositories?
3. What was the extent of the cybercriminals' damage to the backup repositories? How many of them did they modify or delete?
4. How do offline, air-gapped, or immutable backups help to safeguard repositories?
5. How much of an organization’s storage capacity for their disk-based backup repository is resistant to ransomware?

The ability of disk-based storage to resist ransomware attacks is limited, with only about half of storage considered to be survivable, although this percentage is slightly higher for larger enterprises. Many organizations are taking steps to protect their repositories by using air-gapped or immutable backups, and a significant number (82%) have adopted the use of immutable cloud as a pathway towards greater protection. Cloud services such as BaaS are becoming increasingly popular, with more organizations using them compared to previous studies. Additionally, a majority of organizations (over two-thirds) are currently utilizing immutable disks and tape in their IT environment. To learn more about these trends, you can refer to the 2023 Data Protection Trends Report from Veeam. The report is based on a survey conducted by a global research firm and includes responses from organizations of all sizes across 14 countries.

The 2023 Ransomware Trends Report offers valuable insights into various aspects related to ransomware attacks, including:

• The degree of alignment between cyber and backup teams, as well as their executive leadership within organizations.
• The most common elements found in risk management roadmaps and incident response playbooks.
• How were ransoms paid and what is changing in cyber insurance?
• The number of organizations that were able to recover from ransomware attacks, even if they had policies against paying ransoms.
• The extent of the attacks and the amount of data that was ultimately recovered.
• Whether the cybercriminals were able to affect backup repositories or if they were prevented from doing so.
• The steps taken by organizations to ensure that their environments were not reinfected during the recovery process.

Main Tips to Stay Safe Against Ransomware:

Here are some main tips to protect your business, employees, and valuable data against ransomware:

1. Identify your systems, devices, and services to understand your attack surface and develop a full recovery plan in case of an attack.
2. Keep your security systems up-to-date and use a secure email gateway solution to filter out any malicious software before it reaches your devices. Adopt basic security tactics such as using strong passwords, zero-trust between critical systems, and a web filtering tool to stop phishing attacks.

3. Isolate your backups and scan them for any malicious activity. Store them off-line and keep them isolated for stronger security.
4. Establish recovery routines to ensure the availability of your backups and the expected functionality of your systems.
5. Identify and involve off-premise expertise or consultants you trust in your security routines. Contact official security teams in your region in the event of a ransomware attack.
6. Educate your employees about ransomware and malicious attacks. Train them to defend against malicious software and their spreading tactics, using methods such as phishing simulation games, emails from executive staff, informative posters, and running your own phishing campaign to identify employees in need of further training.

By following these tips, you can better protect your organization from the damaging effects of ransomware attacks and ensure the safety of your valuable data.

If you would like to learn more about ransomware and effective defense mechanisms, we encourage you to reach out to our expert team. Our team can provide valuable insights into the latest trends and tactics used by cybercriminals, as well as offer guidance on how to protect your organization from ransomware attacks. Contact us today to learn more.