More proof that paying ransom might not save your data

The Bad Guys are gunning for backups, and victims of ransomware attacks often didn’t get what they paid for, according to the Veeam 2022 Ransomware Trends Report.

According to the report, 72% of surveyed organizations had partial or complete attacks on their backup repositories, restricting their ability to recover data without paying the ransom.

Almost all (94%) of attackers tried to destroy backup repositories, showing their business acumen. Worryingly, though not surprisingly, 80% of successful attacks targeted known vulnerabilities.

The majority (76%) of those attacked paid the ransom, but approximately one-third of those were unable to recover their data.

Accordingly, “ransomware is top of mind for us,” Veeam CTO Danny Allan told iTWire, adding that “security is about the first topic” for executives and IT professionals alike. “Unfortunately it took ransomware to make it happen.”

“Ransomware has democratised data theft and requires a collaborative doubling down from organizations across every industry to maximise their ability to remediate and recover without paying the ransom,” he said.

“Paying cybercriminals to restore data is not a data protection strategy. There is no guarantee of recovering data, the risks of reputational damage and loss of customer confidence are high, and most importantly, this feeds a self-fulfilling prophecy that rewards criminal activity.”

He added “One of the hallmarks of a strong modern data protection strategy is a commitment to a clear policy that the organization will never pay the ransom, but do everything in its power to prevent, remediate and recover from attacks.

“Despite the pervasive and inevitable threat of ransomware, the narrative that businesses are helpless in the face of it is not an accurate one. Educate employees and ensure they practice impeccable digital hygiene; regularly conduct rigorous tests of your data protection solutions and protocols; and create detailed business continuity plans that prepare key stakeholders for worst-case scenarios.”

That’s not to say there isnt a place for preventative measures such as user training and keeping up with software patching.

But once attackers gained a foothold, there was very little difference in the infection rates between data center servers, remote office platforms and cloud-hosted servers.

Veeam suggests the only way to protect against attacks that target backup repositories as well as production systems is to include at least one immutable or air-gapped tier within the data protection framework.

The good news is that 95% of respondents stated they now have – often in multiple storage tiers. 74% use cloud repositories that offer immutability; 67% use on-premises disk repositories with immutability or locking; and 22% use tape that is air-gapped. Furthermore, 45% of production data is stored on tape and 62% goes into a cloud at some point.

Other findings include the importance of recovery orchestration, and the alignment of cyber and business continuity/disaster recovery strategies.

The research was carried out by market research company Vanson Bourne among the 1,000 unbiased IT leaders of organizations of all sizes from 16 countries in APJ, EMEA and the Americas.


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber ​​Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable intelligence needed to combat the rising tide of cybercrime threat.

Click the button below to get the report.



It’s all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focused to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



Leave a Comment