Paying ransom doesn’t guarantee data recovery

OwnBackup announced the findings of a global survey conducted by Enterprise Strategy Group (ESG) that reveals a staggering 79% of respondent organizations have been targeted by ransomware within the past 12 months. Of those organizations, nearly three quarters said the attack was successful, meaning that it disrupted business operations.

Other key findings

• Of the respondents that said their organization paid a cyber ransom to regain access to data, applications, and/or systems after an attack, only 14% were able to recover all of their data.
• 87% of respondents who made ransom payments said that they experienced additional extortion attempts beyond the initial ransomware demand.
• 31% of respondent organizations targeted by ransomware indicated that application user and permission misconfigurations were the initial point of compromise.
• 87% of respondents are very or somewhat concerned about their backups being infected by ransomware attacks.

“While data backups are essential for ensuring business continuity in the event of a successful ransomware attack, their value makes them prime targets of ransomware infection themselves,” said Sam Gutmann, CEO of OwnBackup.

“By storing backups outside of production on an independent platform, companies can not only keep them safe from a potentially devastating cyberattack, but also avoid having to pay a ransom to get their data back. It’s also important to remember that data security is a team sport, and that IT, InfoSec, CISOs and others must work in unison to truly prevent attacks.”

“This research further reveals the prevalence of ransomware and just how difficult it is for organizations to fully manage the threat,” said Christophe Bertrand, Practice Director at ESG.