It’s 2024, are your data protection strategies doing enough to protect you against emerging and established Ransomware threats?
Today’s vast digital landscapes put more and more data into positions that are vulnerable to ransomware attacks. The new flavour of choice for attackers sees your data rendered unusable, encrypted or locked away until a considerable ransom is paid. The backup, disaster recovery and data protection strategies of old might not be enough to keep you safe.
With Veeam’s ‘2024 Data Protection Trends Report’ and their ‘2024 Ransomware Trends Report’, it’s now easier to see than ever that you might need to re-think your approach to data integrity.
The Growing Threat of Ransomware
In years gone by, ransomware attacks were rare and isolated. With a high barrier of entry for attackers to overcome, this method of attack was reserved for large-scale targets, huge multinationals, or state-sponsored efforts. In recent years though, the toolset required to launch ransomware attacks has become standard equipment for attackers around the globe. Veeam trend data for 2023/2024 shows that 75% of organisations reported getting hit by a cyber-attack that included ransomware as a component. Most of those organisations also claimed to have been targeted more than once.
It’s clear that there is an unfortunate truth surrounding the effectiveness of Ransomware, and this only increases its popularity as time goes on.
It’s Not Just The Money
The immediate reaction of the masses and general focus of the media around these types of attacks is often to spotlight the ransom amount demanded as the “cost of the attack”. This is far from the truth, with the ransom demand figures accounting for less than a third (32%) of the total financial impact of the attacks.
Coveware reported that in Q4 2023, the average ransom payment was $568,705.00 USD“
There are of course other direct monetary costs, recovery efforts, rebuilding and re-architecting systems, security patching. These all have a dollar cost associated with them. But it’s the non-monetary costs that also stack up quickly, Veeam trend data from affected organisations reported:
Increase in employee stress
Decrease in work-life balance
Disciplinary action rate of job security loss
Increase in workload
But We’ve Got Backups!
It’s been an uphill battle for years for providers to convince clients that backups are a necessity. Unfortunately, not all backups are created equal, and some are just as vulnerable and susceptible to effect from ransomware as the production data they were created from.
Veeam trend data revealed that 96% of cyber-attacks including ransomware attacks target the backup repositories of an organisation, with a success rate of 76%! Within those successes around 37% of repositories were affected/compromised, the other 63% presumably are air-gapped, or immutable.
Veeam offers tools that help providers outpace malicious actors, even when those actors are already inside the client’s infrastructure. The first is Insider Protection, a facility that retains a separate backup chain with the cloud provider that is unseen and untouchable form within the client’s infrastructure. A hidden, un-ransomware’d backup copy would be worth its weight in gold following a successful ransom attack.
What Should You Do?
Any organisation in 2024 should be rethinking their backup and DR strategies to better withstand the impact of modern ransomware attacks.
– Less than 60% of organisations make use of air-gapped backup copies.
– Around 25% of organisations do not have alternative server estates to failover to.
– On average, 43% of affected data will not be recoverable in a ransomware attack.
Make sure you adopt the 3-2-1 rule:
3 copies of your data
2 different media types
1 copy offsite or air-gapped
In Summary
Ransomware attacks are still on the increase, and they affect more people than most will care to admit. Careful planning of the production infrastructures and the backup strategy must be undertaken for an organisation to stay in a comfortable spot that can be recovered from post-attack.
At Vinters, we are well versed in backup strategy, data protection, and high availability of services. We extensively use Veeam products for clients and swear by Veeam’s industry-leading backup data protection methods to provide our managed backup services and managed disaster recovery services.
If you would like to discover more about Backups, Replication & Disaster Recovery, geographically diverse High Availability or any other advanced data handling, get in touch with our team today.
References:
Veeam Ransomware Trends Report 2024