9 in 10 enterprises hit by ransomware, claims study

Nine in 10 (91%) executives report their organisations have been attacked by at least one ransomware variant, according to global research from data for DevOps company, Delphix.

The new study, based on a new global Pulse survey of 100 IT and security executives, quizzed enterprise leaders on their tech infrastructure, approaches to defending against ransomware and the impact of previous attacks.

While 86% of executives reported some downtime for their businesses after a ransomware attack, most admitted experiencing downtime for 2-9 days or more.

Only one in 10 (11%) feel confident they can recover from an attack in two days or less. Most leaders anticipate recovery from a ransomware attack to take anywhere from 3-5 days to over two weeks. For enterprises over 10,000 employees, most executives estimate that downtime for business-critical applications costs their companies between $10m and $200m per day.

Leaders aren’t confident they are prepared to deal with modern ransomware attacks, with many citing their third-party backup solutions as poor performers during an attack. Indeed, nearly three quarters (70%) of executives reported their company’s backup systems were compromised during a ransomware attack, with a further 48% permanently losing data following a ransomware attack.

Over half (54%) admitted they only backup their data between once a month to once per year, leading to large gaps in the data record and potential data loss.

“The reality for today’s modern businesses is their legacy backup solutions are simply not equipped to deal with a modern attack from one or more of three key ransomware variants: encryption, lockerware, and exfiltration,” said Pritesh Parekh, VP of Engineering and Chief Trust & Security Officer at Delphix.

“Today, traditional backup as the go-to approach for protection and recovery is failing businesses miserably. Ransomware can exploit flaws in legacy backup solutions and can specifically target weakly protected backup solutions.”

Two thirds (67%) of executives deploy a backup solution that does not provide masking to protect against data exfiltration. Despite 81% of CxOs reportedly concerned about data theft during ransomware attacks, three quarters (75%) report only masking between 0% and 50% of data in non-production environments.

“IT execs must align preparation, knowledge and response to improve their organisation’s ability to deal with ransomware attacks. Organisations should look for a complement to their existing backup solution that will provide more robust capabilities to deal with ransomware attacks,” Pritesh Parekh added. “From features like data masking to protect data in a test and development environment, to the ability to recover to an isolated recovery environment, more advanced capabilities are needed to get enterprises fully prepared for a modern ransomware attack.”