Survey: Backups Are Prime Targets for Ransomware Attacks, Most Remain Exposed

Organizations with the proper data protection architecture are poised to mitigate, if not prevent, business disruption from ransomware attacks, Veeam officials emphasized during this week’s VeeamON 2023 conference in Miami.

However, only some organizations have successfully recovered data without paying ransoms, and even the many that have paid did not recover all their data. According to Veeam’s 2023 Ransomware Trends Report, most respondents, 85%, were victims of at least one ransomware attack in the past year.

Veeam’s Jason Buffington

“Ransomware is a when, not an if,” said vice president of market strategy Jason Buffington, noting that drove the data presented in the study. According to the survey of 1,200 cybersecurity, IT operations and backup administrators, over 93% of attackers include backups in their attacks, and they are successful in 75% of their efforts.

In 39% of those incidents, their backups are entirely lost, according to the survey of 1,200 cybersecurity, IT operations and backup administrators. Buffington noted that the study was conducted by a third-party research firm and fielded to organizations of all sizes worldwide, irrespective of their technology providers.

While 41% reported that they have policies that prohibit paying ransoms, 80% acknowledged paying them. Only 59% could recover their data despite paying the ransom, while 21% could not retrieve it.

Veeam’s Anand Eswarm

Only 16% said they could recover everything without paying a ransom, which fell from 19% last year, a trend Veeam CEO Anand Eswaran described as alarming. “The data is stunning,” he said during the opening keynote session. “Paying ransom does not ensure recoverability.”

Surviving Ransomware Attacks

Eswaran emphasized that the key to surviving a ransomware attack is immutable backups that can’t be changed or deleted. “Now, most of you use immutable repositories in some way,” he said. “You were still unable to recover your backups without paying the ransom. And why is that? It means that you need to pay a little more attention to the architecture of the platform and the product you really use because there is clearly a gap between the promise and the execution of when companies say they offer immutable storage.”

Veeam’s Dave Russell

During a session at VeeamON, Buffington and vice president of enterprise strategy Dave Russell discussed various findings from this year’s ransomware report.

See more findings from Veeam’s latest report in the gallery above.