Ransomware attacks go beyond just data

65% of organizations confirmed that ransomware is one of the top three threats to their viability, and for 13%, it is the biggest threat, according to a report by Enterprise Strategy Group (ESG) and Keepit.

Organizations’ strategies against ransomware

According to the report’s findings, while ransomware attacks are sometimes kept private from the public, they are a common occurrence and represent both a significant and recurring source of business disruption. Among the 600 respondents, only 16% of those whose organization had experienced a successful ransomware attack were able to fully recover all their data after the attack, while a staggering 84% lost data they were not able to recoup.

The study sought to identify proactive and reactive strategies employed by organizations to guard against growing ransomware attacks, examine mitigation best practices, and share how organizations can be better prepared in the coming 12 to 18 months.

“Threat actors continue their attacks because, for them, it is a business model that works. In most cases, a ransomware attack results in permanently lost data, even when companies meet the ransom demand.” said Keepit CTO Jakob Østergaard.

“Of the companies in the ESG study that reported that they had experienced a successful ransomware attack and paid the ransom, 85% experienced additional extortion attempts, and 57% paid the additional fees beyond the initial ransomware demand,” Ostergaard continued.

Bold ransomware demands

Threat actors are getting increasingly bold in their ransomware demands, giving their targets no choice but to relent and pay to get their data back and restore daily operations. As a result of this ongoing and growing problem, 80% of organizations surveyed stated that they expect their spending in support of ransomware preparedness to increase over the next 12 to 18 months.

“Organizations continue to struggle with ransomware preparedness and need to establish updated strategies and processes in particular in the critical dimension of data and systems recoverability,” said Christophe Bertrand, practice director at ESG.

“The results of this study are critical to understanding the key components of data recovery after a ransomware attack, and it is our hope that the report can serve as a resource for organizations as they work towards preparedness,” Bertrand continued.

Østergaard goes on to say, “What this tells us is that no matter what a company does, fully recouping stolen data is highly unlikely. In other words, it doesn’t pay to pay. Cloud data is increasingly becoming a target for cybercriminals who really want to render businesses inoperable, and organizations are having to continually increase their expenditures on ransomware preparedness. According to the study, 74 percent of respondents are concerned that their backups could be compromised by ransomware.

Implementing measures such as the protection of cloud data and backup copies through immutable, blockchain-verified technology and encryption, as well as storing data in a completely separate, vendor-independent infrastructure, can prevent the types of data loss that have become increasingly common. These steps offer a return on investment in terms of preparedness.