About 81 per cent of organisations globally have paid ransom to end a cyberattack and recover data for the third year in a row, a new report revealed on Tuesday. According to the US-based IT firm Veeam, one in three of these organisations that paid the ransom still could not recover even after paying. In addition, for the third year in a row, more organisations ‘paid, but could not recover’ than those organisations that ‘recovered without paying’.
“Ransomware is endemic, impacting 3 out of 4 organisations in 2023. AI is now enabling the creation of smarter, more advanced security, but it’s also facilitating growth in the volume of sophistication of attacks,” said Dave Russell, Senior VP, Head of Strategy at Veeam. The report surveyed 1,200 respondents — comprised of CISOs (or executives with similar responsibilities), security professionals, and backup administrators. When a cyberattack strikes, 45 per cent of firms reported heightened pressure on IT and security teams. Additionally, 26 per cent experienced a loss of productivity, while 25 per cent faced disruptions to internal or customer-related services.
Moreover, 45 per cent cited increased workload post-attack, while 40 per cent reported elevated stress levels and other personal challenges that are difficult to mitigate on ‘normal’ days, according to the report. Further, the report showed that 65 per cent paid with insurance and another 21 per cent had insurance but chose to pay without making a claim. “Organisations must take action to ensure cyber resiliency and acknowledge that rapid, clean recovery matters most. By aligning teams and bolstering cybersecurity with immutable backups, they can protect their valuable business data while Veeam keeps their business running and secure,” said Russell.