fbpx

Announcing the 2024 Ransomware Trends Report

The third annual Veeam Ransomware Trends Report is officially HERE !!!

Each year, independent analysts survey unbiased and vetted organizations that experienced at least one cyberattack (breach/ransom/etc.) in the preceding 12 months. The resulting responses were analyzed to provide a comprehensive overview of the evolving threat landscape by surveying 1,200 unbiased IT leaders and implementers, with direct insights into how their organizations managed through and after the attack. 

A few fun facts about the annual reports:

  • With 1,200 respondents each year, we’ve now curated the insights of 3,600 organizations — and since the average organization experienced 2.1 attacks annually, the data reflects over 7,500 cyber incidents. And as one might expect, by repeating key questions each year, we’re also able to assess how trends are changing over time.
  • Our analyst firms conduct ‘double-blind’ surveys that ensure anonymity of the respondents, thereby enabling better transparency on breadth of attack, business impacts, organizational issues, etc.
  • Each survey specifically surveys three unique roles to complete a comprehensive understanding of how organizations experience these attacks, including CISO (or similar) executives, security professionals (prevention), and backup administrators (remediation). As a byproduct of surveying the three personas, we’re able to see how their perspectives align or don’t.

Check out a short summary video of this year’s report:

How Much Data Will I Lose After a Cyberattack? 18%

Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime that organizations experience, in no small part due to the fact that 41% of data is compromised during a cyberattack, according to the latest 2024 Ransomware Trends Report. The report also reveals that on average, only 57% of the compromised data will be recovered, leaving organizations vulnerable to substantial data loss and negative business impact as a result. 

Let’s do some scary math:

  • An average of 41% of your production data will be affected by an attack. To make that real, just imagine 2 out of 5 hard drives … 2 out of 5 mailboxes … 2 out of 5 documents in your home directory … 2 out of 5 of whatever matters to you is now shredded.
  • Of the affected data, only 57% will be recoverable — meaning that 43% will not be recoverable. So, you’ll get back half of what was shredded.
  • Therefore, you stand to lose 43% of the affected data (41%) = expect 18% data loss.

Read that againexpect 18% data loss — just over 1/6 of your production data set (on average). Again, this is a good time to remind folks the survey respondents were not Veeam customers, but a global sampling.  

What are the Impacts of Ransomware on the Teams? (Not Just the Org)

In the event of a ransomware attack, production data isn’t the only victim, and the losses won’t only be financial. Organizations must worry about the impacts such an attack will have on their reputation, productivity, insurance costs, and total financial impacts for the company — all of which can lead to data loss. This year’s report finds that cyberattacks not only impact organizations but have a negative human impact, as 45% of individuals cite increased workloads and 40% experience heightened stress levels post attack.

But Wait, There’s More Bad News

Other key findings from the Veeam 2024 Ransomware Trends Report include:

  • Cloud and on-premises data are just as easily attackable: Surprisingly, there was no significant variation between how much data was affected within the data center vs. data within remote offices/branch offices or even on data hosted in a public or private cloud. Meaning that as you’ve easily expanded your hybrid-cloud architecture to enable access to the users, that data is equally vulnerable to attacker. Hence, ensuring a comprehensive backup and recovery strategy across all those hybrid workloads is a must.
  • Most organizations risk reintroducing infections: Alarmingly, almost two-thirds (63%) of organizations are at risk of reintroducing infections while recovering from ransomware attacks or significant IT disasters. Pressured to restore IT operations quickly and influenced by executives, many organizations skip vital steps, such as rescanning data in quarantine or a ‘sandbox’, causing the likelihood of IT teams to inadvertently restore infected data or malware.
  • Organizations must ensure recoverable data: As a ‘lesson learned’, respondents of prior cyberattacks now recognize the importance of immutability with 75% of organizations now utilizing on-premises disks that can be hardened and 85% now utilizing cloud-storage with immutability capabilities. There is more work to be done, but this shows great progress in embracing a strategy that helps ensure that backups (instead of bitcoin) can be used to recover from ransomware.

Tune in on Tuesdays at Noon ET US

To give more insights on the research findings, we’re inviting a range of guests to weigh in on the Tuesday Industry Insights livestreams, starting June 11 – every Tuesday at Noon ET US, where we’ll cover topics like organizational alignment, financial impacts, cyber insurance, incident response playbooks, mitigating technologies, and other lessons learned from this year’s research. Click here for the latest livestreams.

To protect your organization from a worst-case scenario you need to have the knowledge and plans in place to keep your organization’s data resilient. To learn more about the research gleaned from 1,200 professionals in the field, download the full 2024 Ransomware Trends Report.