Survey: Backups Are Prime Targets for Ransomware Attacks, Most Remain Exposed

Veeam’s 2023 Ransomware Trends Report shows many pay ransom but don’t always recover.

Jeffrey Schwartz

May 26, 2023

7 Slides

Organizations with the proper data protection architecture are poised to mitigate, if not prevent, business disruption from ransomware attacks, Veeam officials emphasized during this week’s VeeamON 2023 conference in Miami.

However, only some organizations have successfully recovered data without paying ransoms, and even the many that have paid did not recover all their data. According to Veeam’s 2023 Ransomware Trends Report, most respondents, 85%, were victims of at least one ransomware attack in the past year.


Veeam’s Jason Buffington

“Ransomware is a when, not an if,” said vice president of market strategy Jason Buffington, noting that drove the data presented in the study. According to the survey of 1,200 cybersecurity, IT operations and backup administrators, over 93% of attackers include backups in their attacks, and they are successful in 75% of their efforts.

In 39% of those incidents, their backups are entirely lost, according to the survey of 1,200 cybersecurity, IT operations and backup administrators. Buffington noted that the study was conducted by a third-party research firm and fielded to organizations of all sizes worldwide, irrespective of their technology providers.

While 41% reported that they have policies that prohibit paying ransoms, 80% acknowledged paying them. Only 59% could recover their data despite paying the ransom, while 21% could not retrieve it.


Veeam’s Anand Eswarm

Only 16% said they could recover everything without paying a ransom, which fell from 19% last year, a trend Veeam CEO Anand Eswaran described as alarming. “The data is stunning,” he said during the opening keynote session. “Paying ransom does not ensure recoverability.”

Surviving Ransomware Attacks

Eswaran emphasized that the key to surviving a ransomware attack is immutable backups that can’t be changed or deleted. “Now, most of you use immutable repositories in some way,” he said. “You were still unable to recover your backups without paying the ransom. And why is that? It means that you need to pay a little more attention to the architecture of the platform and the product you really use because there is clearly a gap between the promise and the execution of when companies say they offer immutable storage.”


Veeam’s Dave Russell

During a session at VeeamON, Buffington and vice president of enterprise strategy Dave Russell discussed various findings from this year’s ransomware report.

See more findings from Veeam’s latest report in the gallery above.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Jeffrey Schwartz  or connect with him on LinkedIn.

Read more about:


About the Author(s)

Jeffrey Schwartz

Jeffrey Schwartz has covered the IT industry for nearly three decades, most recently as editor-in-chief of Redmond magazine and executive editor of Redmond Channel Partner. Prior to that, he held various editing and writing roles at CommunicationsWeek, InternetWeek and VARBusiness (now CRN) magazines, among other publications.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like