Ransomware continues to cause chaos: Victims are unable to recover 43% of the affected data.

Ransomware continues to be a constant threat to organizations and the leading cause of disruptions and downtime in IT. According to the Veeam® Ransomware Trends Report 2024, 41% of data is compromised during a cyberattack, and only 57% of that data is recovered, leaving companies vulnerable to significant losses and a negative impact on their operations.

“Ransomware is endemic, affecting three out of every four organizations in 2023. Artificial intelligence enables the creation of more advanced security, but also facilitates an increase in the sophistication of attacks,” said Dave Russell, Senior Vice President and Chief Strategy Officer at Veeam. “Our report sends a clear message: ransomware attacks will continue and be more severe than anticipated. Organizations must take steps to ensure cyber resilience and a quick and efficient recovery.”

Impact on Personnel and Productivity

Cyberattacks not only affect the financial stability of companies, but also have a significant cost on work teams. The Veeam report reveals that 45% of respondents experience increased workloads post-attack, and 40% report high levels of stress. Additionally, 26% of organizations suffer a loss of productivity, and 25% face disruptions in internal or customer services.

Misalignment in Cyber Preparedness

Despite increased focus on cyber preparedness, there is persistent misalignment between cybersecurity and backup teams. 63% of organizations believe these teams are not properly synchronized. Additionally, 61% of security professionals and 75% of backup administrators believe that significant improvement or a complete system overhaul is needed.

Paying the Ransom Does Not Guarantee Recovery

For the third year in a row, the majority of surveyed organizations (81%) paid the ransom to end an attack and recover data. However, one in three of these companies failed to recover their data even after payment. More organizations paid without being able to recover, compared to those who recovered without paying.

Real Financial Impact

Contrary to popular belief, having cyber insurance does not increase the likelihood of paying ransoms. Although only a minority of organizations have a payment policy, 81% chose to pay. Of these, 65% paid with insurance, and another 21% preferred to pay without filing a claim. This indicates that in 2023, 86% of companies had insurance coverage for cyber events.

Paid ransoms represent only 32% of the total financial impact for a company after an attack. Additionally, cyber insurance does not cover all costs associated with an attack. Only 62% of the total impact is recoverable through insurance or other means, leaving the rest to the organization’s budget.

Data Backup and Recovery

A “good backup” is crucial in any cyber preparedness manual. Only 2% of companies lack a previously identified Incident Response Team (IRT), and only 3% have teams without a formal guide. Other key findings from the report include:

– On-premise and cloud data are equally vulnerable: There was no significant variation in the amount of data affected between on-premise data and cloud-hosted data.
– Risk of infection reintroduction: Almost two-thirds (63%) of companies risk reintroducing infections by recovering data without proper scanning.
– Ensuring data recovery: 75% of companies now use reinforced on-premise disks and 85% use cloud storage with immutability capabilities, highlighting improvements in data resilience.

The full Veeam Ransomware Trends Report 2024 is available at Veeam. The community event for data recovery experts, VeeamON 2024, will take place online from June 3-5, and in-person in Fort Lauderdale, Florida. This event will feature sponsors such as ExaGrid, Hewlett Packard Enterprise, Lenovo, and Microsoft, among others.

Scroll to Top