As remote/online working has surged over the last few years, so did cybercrime. Ransomware came back with a vengeance in 2021, in the heat of the pandemic, targeting many small and medium businesses (SMBs). This comes as no surprise since 43% of all data breaches involve SMBs. Breaches such as Solar Winds, Colonial Pipeline and myriad others had major economic and security impacts. In fact, the World Economic Forum’s Global Cybersecurity Outlook found that ransomware attacks increased 151% in 2021 averaging 270 cyberattacks per organization with each successful breach costing the victim organization $3.6m.
Some key ransomware trends emerged throughout 2021 which we expect will continue into 2022. Malicious actors realized that certain techniques yielded better results and, unsurprisingly, they focussed on those approaches. Of even more concern is the fact that companies need 280 days on average to identify and respond to a cyberattack. To contextualise: a cyberattack which occurred on, say, 1 March may not be fully contained until 8 December.
Let’s take a look at 5 primary trends and statistics for ransomware which you should also consider when fortifying and bolstering your data protection strategy:
- Ransomware cost the world approximately $20 billion in 2021. That number is expected to rise to $265 billion by 2031.
- Check Point Research reported that it found 50% more attack attempts per week on corporate networks globally in 2021 compared with 2020. It is expected that these attacks will increase in 2022 and beyond.
- 92% of managed service providers (MSPs) reported that clients who had BCDR solutions in place were less likely to experience significant downtime during a ransomware attack. In addition, 4 in 5 MSPs reported that clients with a BCDR solution recovered from an attack in 24 hours, or less.
- 1 in 3 000 emails that pass security filters contains malware, including ransomware. Remember, simply using a filter doesn’t entirely eliminate the risk of ransomware.
- WannaCry is considered the biggest ransomware attack in history. It has crippled approximately 200 000 computers across 150 countries, putting the world in a state of frenzy for four days.
A three-tier threat response
Protecting your backup data and network is your last line of defence against sophisticated ransomware attacks. And more importantly, the ability to rapidly restore from that backup. Nancy Luquette, EVP, Chief Risk and Compliance Officer, S&P Global perhaps explains it best:
“Looking ahead to 2022-2023, cybersecurity must be seen as a strategic business issue that impacts decision-making. To mitigate risks like ransomware and social engineering, organizations must ask not simply how they are protected, but how well – with an eye to strength, sophistication and efficacy.”
A robust data protection strategy should be built on three pillars: Data resiliency, access control, and detection and analysis. Protect your backup data from ransomware with resilient architecture, vigorous encryption algorithms, erasure coding, immutable backup snapshots, and WORM (Write Once Read Many).
You can furthermore mitigate against the risk of weak or compromised user credentials with strict access controls such as multifactor authentication, granular role-based access control, and more. Finally, to reduce your blast radius, it’s important to detect suspicious activity almost immediately and so minimize the risk of data exfiltration.
Finally, in addition to focussing on protecting backup data and VMs, you should also ensure your network is adequately protected. The cost of network downtime as a result of ransomware can be substantial and have catastrophic consequences for the business and its customers. Stage2Data’s flagship Network Recovery-as-a-Service (NRaaSTM) solution protects your entire network including protecting and failing over your files, programs and servers should a VM infrastructure down event occur.
How confident are you that you can defend against a ransomware attack?
Attacks with Cohesity
If you found this post interesting, you might enjoy these too: