window.location.replace(''); .
HomeBusiness76% of companies pay criminals, but 24% do not recover data

76% of companies pay criminals, but 24% do not recover data

Despite all the investments in cybersecurity, companies are losing the battle when it comes to protecting against ransomware attacks. At least that’s what the Veeam 2022 Ransomware Trends Report says. According to the study, 72% of organizations had partial or full attacks on their backup repositories, dramatically impacting their ability to recover data without paying the ransom.

Most companies pay criminals

The survey also shows that 76% of organizations admit to paying ransomware criminals, but 1/3 of them are unable to recover data, that is, the practice is not recommended by experts.


According to Veeam Software, which provides backup, recovery and data management solutions, 80% of successful attacks target known vulnerabilities, reinforcing the importance of patching and updating software.

Almost all attackers have tried to destroy backup repositories to disable the victim’s ability to recover without paying the ransom.

Inside the search

The Veeam 2022 Ransomware Trends Report surveyed 1,000 Information Technology (IT) leaders whose organizations were attacked by ransomware at least once in the last 12 months.

The study examined key learnings from these incidents, their impact on IT environments, and the steps taken to implement modern data protection strategies that ensure business continuity into the future.

The project specifically surveyed four IT personas (CISOs, security professionals, backup and IT operations managers) to understand how companies are preparing.

“Ransomware has democratized data theft and requires the collaboration of organizations across industries to maximize their ability to remediate and recover without paying the ransom,” said Danny Allan, CTO at Veeam.

“Paying cybercriminals to restore data is not a data protection strategy. There is no guarantee of data recovery, the risks of reputational damage and loss of customer trust are high, and most importantly, this fuels a self-fulfilling prophecy that criminal activity pays.”

Read more:

No words

According to the study, of the companies surveyed, 76% paid the ransom to end an attack and recover data, but only 52% managed to recover the data.

Thus, 24% of the companies ended up having double losses, because in addition to losing data, they also ran out of money paid for retrieving the information.

And 19% of organizations did not pay the ransom because they managed to recover on their own. And that’s the best solution, according to IT experts.

“One of the hallmarks of a strong Modern Data Protection strategy is a commitment that the organization will never pay the ransom, but will do everything in its power to prevent, remediate and recover from attacks,” added Allan.

Most cybercriminals ask for money to return access to data, but not all keep their word; Companies should adopt preventive cybersecurity measures. Image: Shutterstock

preventive tips

Tips for employees to keep systems safe within companies include impeccable digital hygiene, regularly performing rigorous testing of your data protection solutions and protocols, creating detailed business continuity plans that prepare key stakeholders for worst-case scenarios.

Other research findings include orchestration to proactively ensure the recoverability of your systems.

One in six IT teams automates the validation and recoverability of their backups to ensure their servers are restorable.

So, when remediating a ransomware attack, 46% of respondents used an isolated “sandbox” or staging area to ensure their restored data was clean before reintroducing systems into production.

81% believe their organizations cyber and business continuity/disaster recovery strategies are aligned. However, 52% of respondents believe that interactions between these teams need to be improved.

Additionally, 95% of organizations have at least one level of immutable or air-gapped data protection, 74% use cloud repositories that provide immutability; 67% use local disk repositories with immutability or locking; and 22% use air-gap tape.

Therefore, prevention requires diligence from both IT staff and users, given that the attack surface for cybercriminals is diverse. Thus, maintaining constant supervision and analysis of systems is essential to avoid the much-feared ransomware. See the full survey by clicking here!

Have you watched the new videos on YouTube from Olhar Digital? Subscribe to the channel!

Must Read