The ransomware readiness gap and mitigation strategy challenge

Reports of ransomware attacks continue to occur in rapid succession. While organizations are more concerned than ever about software supply chain security threats and expanding attack surfaces, ransomware remains a fundamental cybersecurity challenge (with ransomware hackers increasingly leveraging the supply chain as well).  

While organizations recognize that one of the best protections against a ransomware attack is the ability to recover from it, many are still struggling to counteract ransomware when prevention has failed.

As mentioned in a previous article, the Splunk State of Security 2022 report found that 79% of enterprises had experienced ransomware attacks. In addition, 20% of respondents had data/systems held hostage.

According to that Splunk report, 66% of ransomware victims pay up, and a third of ransomware victims (33%) manage to recover from a backup.

Ransomware attacks

2022: the year of ransomware – again

Is 2022 that bad for ransomware? Let’s compare with 2021.

In October 2021, security vendor Sonicwall called 2021 “the year of ransomware.” Through the first three quarters of the year, the firm had found a 148% increase in worldwide ransomware attacks to 495 million, with an average of 1,748 ransomware attempts per customer.

And 2022? In April, BlackFog also came out with ransomware news. Like in 2020 and 2021, the company reports on the “state of ransomware.” To stay updated on the most significant attacks and monthly trend reports, you can subscribe to it.

The trend report for the first quarter of 2022 is not looking good. In January and February, there were clearly more attacks. Only March looked “better,” as you can see in the graph below. Other graphs also show, among other things, the evolution of ransomware by sector, with the technology sector, manufacturing, and healthcare leading the way.

So, in 2022, ransomware continues to cause huge problems, as we can all see, read or hear daily.

Ransomware attack trend report Q1 2022 Blackfog - source courtesy and more information BlackFog
Ransomware attack trend report Q1 2022 Blackfog – source, courtesy and more information BlackFog

Mitigating the impacts of an attack and resuming business operations without paying a ransom

Moreover, companies still appear to have numerous gaps in ransomware readiness that have severe implications in terms of cyber resilience or the ability to manage and recover from attacks from backup, as is confirmed by a new major ransomware study.

It is conducted by ESG (just like the previously mentioned Splunk report) and co-sponsored by Hewlett Packard Enterprise company Zerto.

The study, among others, reveals that ransomware readiness gaps dramatically impact the ability of many organizations to manage and recover from attacks. Moreover, per the study, the widespread cybersecurity skills shortages and over-reliance on internal resources present clear risks to mitigation strategies.

Ransomware Attacks Are Pervasive - Paying Ransom Is Not a Guarantee

The ability to recover from ransomware attacks is essential. The under-preparedness to effectively mitigate against the risks and impact of ransomware attacks results in a significant number concluding they have no alternative but to pay ransom demands in the hope their data will be returned, says Christophe Bertrand, practice director at ESG. He adds that “leaders should be focusing on ransomware strategies that emphasize effective, rapid, and complete recovery.”

According to the ESG study published in a new e-book, “The Long Road Ahead to Ransomware Preparedness,” 56% of respondents paid out a ransom, but only one in seven reported getting their data back post payment.

The conclusion is clear: being prepared is vital as more and more the question for organizations becomes when ransomware will strike instead of if.

Even within the most advanced organizations, 75% suffered operational disruption, calling into question how complete ransomware recovery strategies are even for those considered most prepared. (ESG)

Ransomware attacks in 2022 – preparedness as a priority

The ESG report confirms the mentioned findings of all other studies regarding the continuing rise of ransomware attacks.

Among the more than 600 respondents, 79 percent experienced a ransomware attack within the last year, with 17 percent experiencing attacks weekly and 13 percent experiencing attacks daily, as you can read in the announcement of another sponsor, Keepit.

And here, we also read that more than 79 percent of the survey’s respondents said they categorize ransomware preparedness as being within the top five on their list of overall business priorities.

“Organizations are building their own individual strategies and processes in response to a lack of industry reference architecture or a blueprint for ransomware protection,” Christophe Bertrand, Practice Director at ESG.