Attackers leave organizations with no recovery option

2023-05-31 03:00

Only 16% of organizations avoided paying ransom because they were able to recover from backups.

As far as recovery goes, the research reveals that in 93% cyber-events, criminals attempt to attack the backup repositories, resulting in 75% losing at least some of their backup repositories during the attack, and more than one-third of backup repositories being completely lost.

By attacking the backup solution, attackers remove the option of recovery and essentially force paying the ransom.

The good news is that based on lessons learned from those who had been victims - 82% use immutable clouds, 64% use immutable disks, and only 2% of organizations do not have immutability in at least one tier of their backup solution.

Incident response playbooks depend on backup: 87% of organizations have a risk management program that drives their security roadmap, yet only 35% believe their program is working well, while 52% are seeking to improve their situation, and 13% do not yet have an established program.

Organizational alignment continues to suffer: While many organizations may deem ransomware to be a disaster and therefore include cyberattacks within their Business Continuity or Disaster Recovery planning, 60% of organizations say they still need significant improvement or complete overhauls between their backup and cyber teams to be prepared for this scenario.

News URL

https://www.helpnetsecurity.com/2023/05/31/data-recovery-process/