report organizations ransomware
Image: normalfx/Adobe Stock

You can take the necessary precautions to protect your business from a ransomware attack, but a savvy cybercriminal may still find weaknesses through which they can breach your organization. A report released Tuesday by disaster recovery provider Zerto examines how companies that seem prepared for an attack can still be vulnerable.

The report is based on a survey co-sponsored by Zerto and conducted by the analyst firm ESG. Conducted between Dec. 21, 2021 and Jan. 10, 2022, the survey elicited responses from 620 IT and cybersecurity professionals in North America and western Europe. Those polled were directly involved with the technology and the processes associated with protecting their organizations against ransomware attacks.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

Among the respondents, only 21% said they had not been hit with any ransomware attacks over the past 12 months. Some 13% said they receive them on a daily basis, 17% on a weekly basis, 17% monthly and 32% on a less frequent basis. Out of all the attacks, 41% were successful only once, while 32% were successful more than once.

The question of whether or not to pay the ransom is a challenging decision faced by every victim of ransomware. Among those surveyed, 56% said they did pay the ransom to recover from a successful attack, while 42% did not. However, after paying the ransom, only 14% of the respondents said they recovered all of their data. A quarter said they recovered somewhere between 76% and 99% of their data, while a little over 40% said they recovered 51% to 75% of their data.

With these types of attacks a growing concern, 52% said that their preparedness for ransomware is much stronger than it was two years ago, and 47% said it was somewhat stronger. A full 82% said that they plan to slightly or significantly boost their spending on ransomware preparedness over the next 12 to 18 months.

Citing the most critical tools and technologies used to thwart ransomware attacks, 43% pointed to network security, 40% to backup infrastructure, 39% to endpoint security, 36% to email security and 36% to data encryption. Other tools mentioned included identity and access controls such as multi-factor authentication, Internet of Things security, identity prevention and detection systems, vulnerability management as well as automated data security audits and progress reports.

To help organizations not only prevent but recover from ransomware attacks, Caroline Seymour, vice president of product marketing at Zerto, offers some advice.

“Cyberattacks have become extremely adept at bypassing the preventative measures in place to thwart initial attacks, so organizations need to take the position that it’s not if an attack will take place but when,” Seymour said.

“When an attack happens, only an effective disaster recovery plan will allow organizations to avoid downtime, business disruption and taking a huge financial hit,” Seymour said. “The goal of a DR solution is to ensure you can restore operations quickly to within seconds prior to an attack with the minimum amount of data loss and downtime.”

Responding to an attack once your defenses are breached is critical, according to Seymour. It requires effective communication throughout the entire response team, which means frequent training along with well documented processes and protocols. You can improve your response with the right type of DR solution capable of cyber forensics and environment cloning, which lets you test the recovery in isolation before restoring it to your production systems.