Cloudian recently released its 2021 Ransomware Victims Report. This study was based on an independent survey of 200 IT decision-makers whose organizations experienced a ransomware attack between 2019 and 2021. The survey revealed that traditional ransomware defenses are failing, with more than half (54 percent) of all victims having anti-phishing training and 49 percent having perimeter defenses in place at the time of the attack. The findings of this study suggest that organizations must place greater emphasis on putting systems in place that allow for quick data recovery in the case of an attack, without paying a ransom.
Cloudian is an independent provider of object storage systems, offering S3 compatibility along with a partnership ecosystem. The vendor’s flagship solution, HyperStore, provides scalability, flexibility, and economics within the data center. Additionally, Cloudian’s data fabric architecture allows enterprises to store, find, and protect object and file data across sites. These processes can take place both on-prem and in public clouds within a single, unified platform. In 2020, Cloudian HyperStore was recognized as a 2020 Gartner Peer Insights Customers’ Choice for Distributed File Systems and Object Storage.
Ransomware Comes Through, Despite Defensive Measures
Many businesses allocate large portions of their cyber-security budget towards defensive measures, including anti-malware software and anti-phishing training for employees. However, ransomware attacks have evolved and become more sophisticated, enabling cyber-criminals to get past an organization’s defenses. The 2021 Ransomware Victims Report found that:
- Phishing remains the easiest path for ransomware, as 24 percent of ransomware attacks started this way.
- Phishing attempts succeeded, even though 54 percent of those surveyed and 65 percent of those that reported it as the entry point had conducted anti-phishing training for employees.
- Approximately half (49 percent) of respondents had perimeter defenses in place before a successful attack.
- The public cloud was the most common point of entry for ransomware, with 31 percent of respondents being attacked this way.
Widespread Impact of Ransomware Attacks
When cyber-criminals successful launch a ransomware attack, they can quickly take over and significantly impact all parts of a business:
- 56 percent of those surveyed stated that attackers were able to take control of their data and demand a ransom within only 12 hours. Additionally, another 30 percent reported this happened within 24 hours.
- Over half of respondents stated the attacks had a significant impact on their organization’s financials (58 percent), operations (57 percent), employees (59 percent), customers (57 percent), and reputation (52 percent).
The Financial Impact Goes Beyond Ransom Payments
Ransom payments are already extremely costly and on the rise, but they are not the only financial loss resulting from an attack. For the 55 percent of respondents that chose to pay the ransom:
- The average ransom was $223,000, while 14 percent paid $500,000 or more.
- There was an average of $183,000 or more in additional costs resulting from the attack.
- Cyber insurance only covered approximately 60 percent of the ransomware payment and other costs, likely reflecting deductibles and coverage caps.
- Despite paying the ransom, only 57 percent of those surveyed got all their data back.
In a media statement, Jon Toor, chief marketing officer at Cloudian, said, “the threat of ransomware will continue to plague organizations around the world if they do not change their approach and response to it. Cyber-attacks can penetrate even the most robust defenses, so it’s critical that organizations prioritize being able to recover quickly from an attack.”
To learn more about Cloudian, click here.
Read the full 2021 Ransomware Victims Report.
Latest posts by Tess Hanna (see all)