In the Middle East and Africa, only 14% of organisations experienced no ransomware attacks in 2022, according to the Veeam Data Protection Trends Report 2023.
This is evidence that cybercrime is on the rise and businesses need to adjust how they manage their data to fend off attackers or risk irreparable damage, writes Lisa Strydom, senior manager: channel and alliance for Africa at Veeam Software.
In South Africa, in particular, cybercrime poses a danger to business continuity and costs the economy more than R2.2 billion annually1. Alarmingly, Interpol suggests that South Africa boasts the highest number of threats on the continent, and shockingly, third in the world.
Cyberattacks have emerged as the top threat to businesses, forcing a re-evaluation of data security policies with a particular emphasis on making sure that data is properly backed up so that organisations can dependably recover data after a crisis and eliminate the risk of data loss.
The verification of backup data is essential to a successful recovery owing to the yearly growth in ransomware attacks. Without secure, immutable and verifiable backups, organisations run the danger of data loss and increase their risk of having to pay a ransom.
This threat is further stressed in Veeam Data Protection Trends Report 2023, where, in 2021, 76% of organisations were successfully attacked by ransomware at least once, and in 2022, this number leapt up to 85%.
To ensure that organisations don’t become victims of attacks, terms such as ransomware preparedness and being cyber resilient are often bandied about, but do we know what these mean?
While the two work hand-in-hand, there are distinct differences, with ransomware preparedness specifically referring to the measures that organisations need to put into place to prevent a ransomware attack, while cyber resiliency refers to the measures an organisation takes to get up and running after being attacked.
In the industry, we talk about data being the new oil – a high-value commodity. It is a critical component of any organisation, and any loss or breach of it may result in irreparable damage, including loss of revenue, reputation damage, or regulatory and compliance negligence that could see the issuing of hefty fines.
The Veeam Ransomware Trends Report 2023 explored this topic further by surveying 1 200 IT leaders who experienced ransomware attacks. While 80% of respondents acknowledged paying, one-fourth of them still could not recover their data even after paying the ransom. Only 59% of encrypted or destroyed data was recoverable after an attack highlights that some of the data is not readable and as a result, organisations end up not being able to use the data again.
A secure, immutable backup is an organisation’s best line of defence, and to bolster its data defence arsenal, implementing the 3-2-1-1-0 backup strategy should be considered. This means storing three copies of the data on two different media types. One copy should be stored offsite and one copy offline – air-gapped media or immutable storage within disks or clouds – to ensure survivability that the backup doesn’t contain malware and cannot be tampered with by an attacker.
Lastly, with 56% of respondents to the Ransomware Report telling us that reinfection during data restoration happened to them, the zero relates to ensuring that the data has been verified as being able to be restored with zero errors.
Staged restorations, to prevent re-infection during recovery are the secret to ensuring the recovery process does not re-introduce malware or corruption. Hybrid IT architectures for recovering to alternative platforms like any other BC/DR strategy deliver additional redundancy and resilience too.
Global organisations point out several challenges when it comes to adequately securing their data. This includes a lack of sufficient tools, resources and skills, as well as believing that ransomware defences are costly.
While the cost of solutions from trustworthy data protection experts may seem high, keep in mind that paying a ransom could have catastrophic financial repercussions for the organisation, even if the attackers release the data once the ransom is paid.
Additionally, there could be repercussions from the breach, such as a violation of compliance laws in relation to the GDPR are, many would be hesitant to complete the transaction without a full warranty to ensure the vehicle runs smoothly and unhindered for years to come, and the same can be said for data protection.
A ransomware warranty isn’t guaranteed that it can solve every ransomware problem. However, it forms an important part of an operation’s ransomware recovery strategy.
Veeam recently launched a Ransomware Recovery Warranty. In the event of a verified ransomware attack, and given that customers have followed the correct procedures, the company will cover the cost of the data recovery up to $5-million.
With 85% of organisations increasing their data protection budgets this year, some by as much as 6,5%, creating a secure backup strategy is a business imperative to mitigate the risk of ransomware attacks. Those who experienced ransomware first hand stated that their cyber (prevention) budgets grew by 5,3%, while backup (remediation) budgets grew by 5,4% globally. This welcome development shows that data protection is of concern to organisations and they are taking important measures to ensure its security should they face a cyber attack.
After all, it is not a question of ‘if’ or ‘when’ ransomware attacks will occur, but ‘how often’. The issue is now endemic, and businesses must do what they can to ‘inoculate’ themselves against it.