Data Protection Report: Most Organizations Suffered a Ransomware Outage
A new data protection report from Veaam shows the massive impact of ransomware and other cybersecurity attacks currently plaguing the IT industry.
In fact, according to the new 2022 Data Protection Trends report based on a survey that garnered nearly 3,400 responses:
- 76% of businesses experienced at least one ransomware attack in the past year.
- 36% of data on average was unrecoverable after a ransomware attack.
- 51% of organizations have experienced outages caused by ransomware. And for the second year in a row, cyberattacks caused the most outages.
“Ransomware is a disaster – and an almost guaranteed threat that every organization should be prepared for,” said the data backup, recovery and management specialist. The company conducted the survey to quantify changes in overall data protection concerns/goals and strategies, as well as to understand the current market landscape for data protection, disaster recovery, cybersecurity/ ransomware and containers.
“88% of organizations believe that their cybersecurity strategies are completely or mostly integrated into their BC/DR strategy,” the report states. “This reinforces the recognition that ransomware is a disaster and that most organizations in the industry understand this point. While 3 in 4 organizations (76%) have experienced at least one attack, 24% have not been attacked or not aren’t aware of it yet.” Among those attacked:
- 42% were user-activated, meaning they clicked on a malicious link, often from spam.
- 43% were due to a lack of diligence on the part of an administrator (patches, credentials, etc.)
“On average, organizations were only able to recover 64% of their data, meaning more than a third of data is typically unrecoverable, according to 1,376 unbiased organizations surveyed,” the report said. However, 36% of respondents recovered more than 80% of their data.
Veeam offered this list of key findings from the report:
- Companies have an availability gap: 90% of respondents confirmed that they have an uptime gap between their expected SLAs and how quickly they can get back to productivity. This has increased by 10% since 2021.
- Data remains unprotected: Although backup is a fundamental part of any data protection strategy, 18% of global organizations’ data is not backed up and therefore completely unprotected.
- Human error is far too common: Technical failures are the most common cause of downtime with an average of 53% of respondents experiencing failures in infrastructure/network, server hardware and software. 46% of respondents encountered instances of administrator configuration error, while 49% were bothered by accidental deletion, data overwriting or corruption caused by users.
- Protect teleworkers: Only 25% of organizations use orchestrated workflows to reconnect resources in the event of a disaster, while 45% run predefined scripts to reconnect resources running remotely in the event of unavailability, and 29% manually reconfigure user connectivity.
- Economic drivers remain crucial: When asked which factors are most important when purchasing an enterprise data solution, 25% of IT managers are motivated by improving the economics of their solution.
After detailing data on ransomware and other cyberattacks learned over the past year, the company offered its own perspective.
“Using best practices for offsite or isolated backup copies should be part of every disaster recovery plan,” the company said. “Veeam recommends that there be three copies of important data, on two different types of media, with at least one of those copies offsite, isolated, offline, or immutable. Disaster recovery (DR) testing should also be a priority. to ensure that the data was backed up error-free and free of malware, ensuring that all data can be successfully recovered. To learn more about successful ransomware recovery and the 3-2-1 rule, click here.
Other key points from the report include:
“Hybrid” is normal and here to stay: With over 8,000 data points over three consecutive years, the “new normal” for modern computing is about 50/50 between on-premises and cloud-hosted servers:
Within the data center, there is a consistent expectation for physical and virtual platforms.
In the cloud, there is a healthy mix of using hyperscale and MSP-hosted infrastructure.
Two key takeaways from these trends:
- The data center is neither dead nor dying. There are as many good reasons to run a workload on premises as hosted in the cloud.
- Your data protection strategy should accommodate physical, virtual, and cloud-hosted options.
Organizations seek “better” data protection: When considering the six main drivers of change, three banding trends occur:
- Qualitative Improvement — Reduced RPO (loss of data), reduced RTO (downtime), and improved reliability equate to data protection that simply “works”.
- Increased Value — Changing CapEx to OpEx reduces upfront investment, relieving short-term budgets, while improving ROI/TCO increases the value of what is spent.
- Modern Capabilities – Moving from legacy backup to one that leverages cloud services or is powered by the cloud, while using tools that support an increasingly diverse range of production capabilities (and likely hosted in the cloud).
Modern is cloud, integrated and automated: The most common and important aspects of modern/innovative data protection are all “cloud”, including DRaaS, IaaS/SaaS protection, and the ability to move workloads between clouds. Beyond the cloudiness,
- Backup cannot be an isolated undertaking, nor can cyber-preparedness. Instead, backup should be included as a remediation component in any ransomware strategy.
- Backup shouldn’t be an afterthought for production either. When workloads are first provisioned, it’s time to define a workload’s data protection requirements. Similarly, as SaaS platforms come online (prior to migration or adoption), backup mechanisms should be enabled.
The gap between what business units expect and what IT can deliver continues to widen, as this five-year-old project shows: For 2022:
- 90% of businesses have an “uptime gap” between expected SLAs and how quickly IT can get back to productivity.
- 89% of businesses have a “protection gap” between how much data they can afford to lose and how often the data is protected.
The rationale is most likely due to the increasing criticality of more workloads. But there is a clear corollary between the key change drivers of improved RTO (availability), RPO (protection) and reliability, and these perceived “gaps”.
“As cyberattacks become more sophisticated and even more difficult to prevent, backup and recovery solutions are essential foundations of any organization’s modern data protection strategy,” said Danny Allan, CTO at Veeam. . “To have peace of mind, businesses need 100% certainty that backups are performed within the allocated window and restores are performed within the required SLAs. The best way to ensure that data is protected and recoverable in the event of a ransomware attack is to partner up and invest in an automated, orchestrated solution that protects the myriad data centers and cloud-based production platforms that organizations of all sizes rely on today.”
David Ramel is an editor and writer for Converge360.