- Veeam study finds budget increases for cybersecurity aren’t enough; businesses need smarter resilience strategies
- Ransomware payments are dropping, but attackers are shifting tactics faster than businesses can adapt
- Declining attack rates don’t mean ransomware is beaten
New research has revealed the scale of recent ransomware evolution, warning it remains a dominant threat to organizations worldwide.
A Veeam study, which gathered insights from 1,300 CISOs, IT leaders, and security professionals across the Americas, Europe, and Australia, found nearly three-quarters of businesses were impacted by ransomware over the past year.
Cybersecurity measures seem to be having some effect: the share of businesses facing ransomware incidents dropped slightly, from 75% to 69%. Ransomware payments are also decreasing. In 2024, 36% of affected businesses chose not to pay, and 60% of those who did paid less than half of the demanded ransom.
Declining attack rates are no reason for complacency
“Organizations are improving their defenses against cyber-attacks, yet 7 out of 10 still experienced an attack in the past year. And of those attacked, only 10% recovered more than 90% of their data, while 57% recovered less than 50%,” said Anand Eswaran, CEO of Veeam.
Still, businesses cannot afford to relax. Major law enforcement actions against groups like LockBit and BlackCat have disrupted large-scale operations, but this has inadvertently led to a surge in smaller, independent attackers.
Companies still need to adopt proactive defenses and use anti-ransomware tools alongside the best endpoint protection solutions.
“As the nature and timing of attacks evolve, it is essential for every organization to transition from reactive security measures to proactive data resilience strategies. By adopting a proactive security approach, investing in strong recovery solutions, and fostering collaboration across departments, organizations can significantly reduce the impact of ransomware attacks,” Eswaran added.
The rise in data exfiltration-only attacks, where hackers skip the encryption step and steal private data directly, is another alarming trend. In this environment, relying solely on antivirus software may not be enough.
Although 69% of companies say they are prepared for an attack, this confidence drops sharply after an incident. Only 44% have tested backup plans, and just 30% have a formal chain of command in place.
Regular training, cross-team cooperation, and investment in strong recovery frameworks are necessary. Although budgets for cybersecurity and recovery have increased, they remain insufficient.
As a result, Veeam advises companies to implement thorough procedures such as the 3-2-1-1-0 data rule, which ensures multiple immutable backups free of malware before restoration.