Ransomware is a global issue facing almost all organisations whose businesses depend on or leverage information technology, and organisations in Africa are no exception. In fact, businesses in growing emerging economies are often attractive targets because they do not have the legacy investment into data security solutions that more developed economies do.
By Rasheed Ola Jimoh, senior director: West and Central Africa at Commvault
The ability to recover from a ransomware attack effectively and seamlessly is key to business continuity and stability as ransomware attacks continue to proliferate.
Under attack
Ransomware attacks use various methods to gain access to data, including phishing scams, and once they successfully infiltrate the network, typically, the organisation’s data is encrypted. The attackers hold the data to ransom, and in theory, when organisations pay the ransom, they are given a key to decrypt the data. In some cases, even after payment, confidential data like medical records and financial data is released into the wild, causing significant reputation damage.
While successful ransomware attacks are not always reported or publicised, many organisations have fallen victim in Nigeria, Ghana and other countries in the region, and a number of these businesses have been left with little option other than to pay the ransom in an effort to try and decrypt their data. However, even when paying the ransom, there is no guarantee that you will get all of your data back and be able to continue business as usual.
The magnitude of the problem is highlighted in the Sophos State of Ransomware 2022 report, where 71% of respondents from Nigeria, from a poll of 100 participants, confirmed that their organisations have been the victim of a ransomware attack in the past year. Of these organisations, 46% reported that they paid the ransom to restore data, and only 4% of the organisations that paid the ransom recovered all their data.
Not if, but when
Clearly, ransomware attacks are no longer a case of whether you will be attacked or not, but when you will be, and your ability to recover fully is imperative. The impact to the business can be far-reaching and have devastating consequences. From downtime that causes loss of business and revenue to reputational damage due to leaked information, the cost of the ransom payment itself and more, these expenses can end up being extreme.
According to the Sophos report, the average ransomware pay-out in Nigeria was $706 000, while in South Africa this amount averaged at $634 000. The average cost for an organisation to rectify ransomware attacks in Nigeria was $3,43-million in 2021, compared to $460 000 in 2020, a remarkable 644% jump. For South Africa in 2021, the cost was $710 000.
Data protection is the key
The importance of having effective and efficient data protection methodology and solutions cannot be over-emphasised. Your ability to recover your data is entirely dependent on the effectiveness of your backup, but frequently, organisations have unreliable, ineffective, overly complicated backups that do not have the breadth of coverage needed to protect the entirety of the data. In addition, often backups are not immune to attack themselves, and when backup data is also encrypted, it cannot be used for recovery.
To ensure recovery in the event of an attack, it is essential to have a proven backup and recovery solution that covers the length and breadth of your organisation’s data, and that offers frequent and regular backups that are validated and backed up to air-gapped and immutable storage.
The reality is that your organisation will experience a ransomware attack at some point. When it does happen, do you have the capability to recover fully?