New study puts ransomware threats and impacts in context
- Published: Friday, 01 April 2022 08:27
OwnBackup has announced the findings of a global survey conducted by Enterprise Strategy Group (ESG) that reveals that 79 percent of respondent organizations have been targeted by ransomware within the past 12 months. Of those nearly three quarters said the attack was successful, meaning that it disrupted business operations.
Other key findings include:
- Of the respondents that said their organization paid a cyber ransom to regain access to data, applications, and/or systems after an attack, only 14 percent were able to recover all of their data.
- 87 percent of respondents who made ransom payments said that they experienced additional extortion attempts beyond the initial ransomware demand.
- 31 percent of respondent organizations targeted by ransomware indicated that application user and permission misconfigurations were the initial point of compromise.
- 87 percent of respondents are very or somewhat concerned about their backups being infected by ransomware attacks.
“While data backups are essential for ensuring business continuity in the event of a successful ransomware attack, their value makes them prime targets of ransomware infection themselves,” said Sam Gutmann, CEO of OwnBackup. “By storing backups outside of production on an independent platform, companies can not only keep them safe from a potentially devastating cyberattack, but also avoid having to pay a ransom to get their data back. It’s also important to remember that data security is a team sport, and that IT, InfoSec, CISOs and others must work in unison to truly prevent attacks.”
To gather data for this report, ESG conducted a comprehensive online survey of IT and cyber security professionals from private- and public-sector organizations in North America and Western Europe between December 21, 2021 and January 10, 2022. To qualify for this survey, respondents were required to be IT or cyber security professionals personally involved with the technology and processes associated with protecting against ransomware attacks.