There has been no slowdown in ransomware attacks in recent months. In the last two weeks alone, Managed.com, office furniture giant Steelcase, laptop maker Compal, and Brazil’s Superior Court of Justice have all been hit with devastating ransomware attacks that crippled their services and caused untold damage to their data.

A new study from data protection company Veritas illustrates the many reasons IT leaders believe there has been an increase in ransomware attacks. The 2020 Ransomware Resiliency Report found that a number of organizations are not prepared and are leaving themselves exposed with shoddy security and incomplete backups.

The study features insights from 2,690 IT professionals and executives across 21 different countries in Europe, Asia, and North America.

Almost two-thirds of respondents said they thought the security measures at their enterprise had not kept up with their IT complexity. Nearly half said their company had experienced a ransomware attack, and those who had suffered through one said they had faced 4.5 attacks on average.

More than half of all respondents said their organization had either cut funding for IT security or kept it the same during the COVID-19 pandemic despite the massive shift to telecommuting.

According to the survey, 57% of respondents said their companies haven’t tested their disaster recovery plan within the past two months and 66% estimated that it would take five or more days to fully recover from a ransomware attack if they didn’t pay the ransom.

“We’ve heard from our customers that, as part of their response to COVID, they rapidly accelerated their journey to the cloud. Many organizations needed to empower homeworking across a wider portfolio of applications than ever before and, with limited access to their on-premise IT infrastructure, turned to cloud deployments to meet their needs,” said John Abel, SVP and chief information officer at Veritas, in a statement.

“We’re seeing a lag between the high-velocity expansion of the threat surface that comes with increased multi-cloud adoption, and the deployment of data protection solutions needed to secure them. Our research shows some businesses are investing to close that resiliency gap – but unless this is done at greater speed, companies will remain vulnerable.”

Attackers are not picky about what they go after: the report said ransomware targeted data and applications in the cloud nearly as often as on-premises resources.

But just one-third of all respondents said their companies had three or more copies of their data, including one copy off-site, separate from their data center.

More than 35% of respondents said their enterprise is using an equal mix of on-premises resources and public cloud resources for their data and applications and just 4% said they exclusively use the public cloud.

“Use of cloud services, including infrastructure as a service, platform as a service and software as a service, is increasingly pervasive. Respondents were asked to estimate the number of cloud services their organization uses, from Google Apps and Office 365 to Apache Stratos, Salesforce and OpenShift,” the report said. “The average number of cloud services being used is 11.7 globally. Cloud service adoption is even more widespread in the United States and Western Europe.”

Half of all respondents told researchers that their organization had at least four ransomware protection measures in place but 20% were using just one or two.

For those who had already experienced a ransomware attack, 38% said they suffered disruptions of at least five days while 32% said their systems were down for between one and four days. One-third said they were back up and running in one day.

More than 40% of ransomware victims said 20% or more of their files and data were impacted or lost.

While 57% of respondents said their data recovery plans hadn’t been tested in the last two months, another 39% said theirs had not been tested in more than 90 days or not at all. On average, respondents said that in the event of an attack, about 20% of their data would be lost permanently.

“The benefits of hybrid multi-cloud are increasingly being recognized in businesses around the world. In order to drive the best experience, at the best price, organizations are choosing best-of-breed cloud solutions in their production environments, and the average company today is now using nearly 12 different cloud providers to drive their digital transformation,” Abel said.

“However, our research shows many businesses’ data protection strategies aren’t keeping pace with the levels of complexity they’re introducing and, as a result, they’re feeling the impact of ransomware more acutely. In order to insulate themselves from the financial and reputational damage of ransomware, organizations need to look to data protection solutions that can span their increasingly heterogenous infrastructures, no matter how complex they may be.”
