Ransomware Statistics to Guide Your Ransomware Recovery Plan


What is Ransomware?

A ransomware attack is when malicious threat actors strike organizations with malware that encrypts data and paralyzes systems and networks, refusing to restore them until a ransom demand is met. Oftentimes even when payment is made, the data is never recovered.

These ransomware attacks first focused on large institutions and enterprises, prompting urgent cybersecurity upgrades across industries. Increasingly, threat actors are shifting their sights from large companies that have made investments in their defenses, to vulnerable small and medium sized businesses that are easier targets.

As ransomware attacks continue to create headlines, the data protection and cybersecurity experts at Storagepipe wondered, ‘What are technology decision-makers really experiencing in the fight against ransomware?’

Gartner Peer Insights and Storagepipe surveyed 331 technology professionals who shared ransomware statistics and insights like:

• How many have experienced ransomware, and what were the outcomes
• What makes an organization vulnerable to ransomware
• Why ransomware attacks have been increasing

Download the full report for Ransomware Insights here!

How Common is Ransomware?

Overall, most IT leaders (57%) believe that their organization is likely to be hit by a ransomware attack in the next 12 months.

Over 70% of IT leaders have worked in an organization that has experienced a ransomware incident.
Of those who have already experienced a ransomware attack (n = 234), 62% believe an attack is also likely in the future, compared to 45% of those who haven’t experienced a ransomware attack (n=97).

How Many Businesses Pay Ransomware?

At least 12% of ransomware attacks involved ransomware payments.

Desperate and ill-advised ransomware payments often fail to return the business to normal and verify for the attackers that the business is a profitable target that they should hit again for ransomware double extortion.

Overall, following a ransomware attack, only 54% of leaders were able to fully recover their data. However, for those whose organization paid the ransom (n = 29), 52% experienced full ransomware data recovery, compared to 65% for those whose organization did not pay the ransom (n = 147).

Despite the common-sense wisdom of ‘never reward bad behavior’ and the ransomware stats to back that up, a staggering 45% of surveyed respondents agreed that ransomware payments should be considered an operating cost for businesses.

And only 22% replied that organizations should never pay ransomware demands. As one VP pointed out, “People are paying, so there is a market. Frankly, I’d rather pay the penalty than pay the criminals.”

What are the Effects of Ransomware on Businesses?

As for repercussions, business reputational damage is viewed as the biggest consequence of a successful ransomware attack (83%), followed by the fear that it could inspire further or copycat ransomware attacks (70%), and concerns around government sanctions potentially being levied against them for making the ransomware payment (34%).

Businesses also acknowledge the negative impacts on their workforce, with 28% replying that they worry about staff redundancies to recuperate costs, and 27% fearing an expected loss of their C-Suite.

What are Ransomware Vulnerabilities?

Employees are the number one vulnerability point exploited by ransomware attacks, with 78% reporting employee negligence like weak passwords and accidental data exfiltration topping the list tied with ransomware attack vectors like email phishing and other social engineering campaigns.

Want more? Download the full report here for ransomware statistics revealing the industries that are most likely to be hit by ransomware attacks and the single main reason an organization falls victim to a ransomware attack!

Now that we understand the current ransomware and threat landscape, let’s look at how we can protect against ransomware with prevention and recovery strategies and services.

How to Protect Against Ransomware?

While it takes some planning, a cybersecurity strategy that is as multi-layered as your business is the best approach. This factors in how to protect your end users from falling prey to phishing all the way to 24/7 network monitoring for threat and vulnerability identification, to cloud monitoring for your SaaS applications like Microsoft 365, G Suite, Amazon Web Services, Azure, Dropbox and more.

Storagepipe has found that cybersecurity awareness training paired with simulated phishing campaigns provide organizations with a capability to evaluate and educate their end users on how to identify and avoid malicious ransomware emails and social media scams. Having cybersecurity-savvy end users leads to a reduction in risky behavior, threat exposure, and cybersecurity incidents.

Ransomware prevention technologies such as managed detection and response services (MDR) and robust anti-spam and anti-virus tools are critical to successful ransomware protection. In an increasingly hybrid office world, implementing strong end user and endpoint cybersecurity is critical. When compared to a centralized office environment that may have firewalls and other safeguards in place, remote work can require additional protections. Modern cybersecurity as a service (SECaaS) solutions combine endpoint cybersecurity with managed detection and response services for a comprehensive cybersecurity plan to protect multiple attack surfaces.

Recovery from Ransomware

Unfortunately, an ounce of prevention does not always result in a pound of cure. Many companies large and small are searching for flexible and affordable ransomware recovery services that can help them recover from ransomware across their endpoints, network, cloud, and SaaS applications.

A well-prepared ransomware recovery plan recognizes that a disruption to your business for even a few hours can result in significant financial and reputational repercussions. The plan should include Recovery Point Objective (RPO) and Recovery Time Objective (RTO) directives that guide decisions, procedures, and backup and disaster recovery services that ensure that your business survives with as little damage as possible.

Storagepipe excels at matching our customers’ business needs to the right disaster recovery services to meet their objectives, budget, and business model. For example, a disaster recovery service can help eliminate downtime impacts on production systems by providing options for full or partial failover so that your business can continue to operate while full restoration is completed behind the scenes. In addition to hot site high availability disaster recovery, Storagepipe offers innovative warm site disaster recovery that enables affordable staged recovery based on the business criticality and priority of your systems.

Contact our disaster recovery experts today to explore your best ransomware protection options!