Ransomware on the rise, companies prioritizing disaster recovery

The rampant rise of ransomware persists, with 100% of respondents – who include ITOps, backup, disaster recovery and storage admins, application and workload owners in the U.S. – reporting that their company experienced a ransomware attack in the last 12 months, Datrium reveals.

With the evermore heightened threat of ransomware during the COVID-19 pandemic, companies are prioritizing disaster recovery and the cloud is playing a greater role as a disaster recovery site.

The research was developed to determine ransomware’s impact on businesses in the last year. The research revealed heightened concerns about the threat of ransomware during the pandemic-imposed stay-at-home mandate. It uncovers insights regarding disaster recovery strategies employed by companies and the shifts in the use of cloud disaster recovery compared to traditional approaches.

“Ransomware continues to dramatically plague businesses, and this research shows that businesses are even more concerned about it because of their newly distributed workforces resulting from the COVID-19 pandemic,” said Tim Page, CEO, Datrium.

“The current pervasiveness of remote work puts businesses in a more vulnerable position as they are more open to increased targeting by ransomware criminals.”

Rampant rise of ransomware places businesses on high alert during COVID-19

As businesses pivot their strategies to survive the economic downturn, the cost of a ransomware attack—which can be upwards of hundreds of thousands of dollars—can deal a severe blow to their bottom line.

• Nearly 96% of respondents said that their companies have become increasingly concerned about being hit with a ransomware attack during the COVID-19 pandemic. This marks an increase as compared to “The State of Enterprise Data Resiliency and Disaster Recovery 2019” study by Datrium, which found nearly 90% of companies consider ransomware a critical threat to business.
• The majority of respondents (68.5%) claimed that ransomware attacks have cost their companies between $100,000-$500,000 while 19.7% reported a loss of more than $500,000, including ransomware payment, downtime and lost business.

“At this challenging time, businesses are seeking ways to streamline operations and reduce costs. While ransomware comes with its own burden, the cost of a second data center for disaster recovery is not ideal. The pandemic is accelerating the move to cloud disaster recovery as companies find ways to adapt to a remote workforce,” said Page.

Ransomware threat makes disaster recovery a top priority for businesses

The shift to a remote workforce and growing concern of ransomware has companies rethinking their disaster recovery and security strategies. 92% of respondents reported that disaster recovery has increased in importance at their company given their newly distributed workforces.

Three in four respondents reported that their companies are concerned about ransomware during this time because:

• A remote IT team makes recovery more difficult (73.7%).
• A remote workforce makes it harder to enforce security protocols and increases the risk of attack (73.4%).

Nearly half of respondents (48.1%) said they are concerned about the growing cost of ransomware; this cost includes ransomware payment, downtime and lost business.

A cloud-centric approach to disaster recovery

The cloud offers a viable and accessible option for disaster recovery, making it possible to leverage on-demand cloud resources in a data disaster while keeping costs low. When asked what kind of disaster recovery approach businesses have in place, many respondents said that they currently or plan to leverage the cloud as part of their disaster recovery strategy.

• While 63.9% of respondents use on-prem primary storage as a disaster recovery site, 93.7% agreed they would be willing to adopt cloud disaster recovery if it could be paid for on demand in addition to protecting all data, including edge environments. This is an additional increase from “The State of Enterprise Data Resiliency and Disaster Recovery 2019” study which found that 88.1% of respondents said they would use the public cloud as their disaster recovery site if they would only have to pay for it when they need it.
• More than half of respondents (67.5%) currently use the cloud as a disaster recovery site.
• Nearly a quarter (21.2%) have a disaster recovery plan that doesn’t protect against ransomware.

“The research shows that on-demand and pay-as-you-go cloud disaster recovery is being increasingly recognized as a more efficient alternative to traditional disaster recovery approaches. This is no surprise as disaster recovery in the cloud offers flexibility with pay-as-you-go options that make disaster recovery painless and cost-efficient when responding to disasters,” added Page.

“Ransomware and disaster recovery should continue to be top priorities for businesses planning for the ‘new normal’ as we come out of this pandemic. Those who are seeking the best approach for protecting against a ransomware attack should strongly consider a cloud disaster recovery technology that combines the functionality of primary storage, backup and recovery into a single-pane solution that enables speedy and easy recovery of data from the point of attack.”

Findings from the research are based on a survey of 302 IT professionals from organizations with over 500 employees or more that have experienced a ransomware attack in the last 12 months.