Surveying more than 600 IT and cybersecurity professionals, nearly four out of five (79%) respondents reported a ransomware attack at their company within the last year. More troubling for organizations is the degree with which these attacks are successful. The survey found that nearly three quarters (73%) report that they have been financially or operationally impacted by these attacks. As noted in the report, “Every lost bit of data is money and may represent a key transaction that can never be reproduced. Losing data is like throwing money out the window in layman’s terms.”
Cyber criminals have become more sophisticated over time and are using new and advanced methods to ensure their efforts are successful,” said Christophe Bertrand, practice director, Enterprise Strategy Group. “For businesses today, the key to combatting this growing threat is to deploy a comprehensive ransomware readiness strategy. Ransomware readiness is a team sport, bringing together IT, security, and data protection groups for a diverse collection of preparedness activities which includes hardware, software and services, as well as insurance, readiness testing, employee security awareness training, playbook development, penetration testing, and more.”
Storage Systems or Cloud-based Data account for 79% of impacted environments in successful ransomware attacks at 40% and 39%, respectively. Complicating matters, the leading point of compromise for attacks is application software vulnerability at 36%, with systems software, application user permissions, misconfigurations of external devices and email nearly equally splitting the remaining share.
“As a business leader, the most critical finding from this report is the discrepancy in potential value loss from a ransomware attack over other downtime events,” said Tom Christensen, global technology advisor and executive analyst at Hitachi Vantara.. “The potential loss of business value is magnified given the increased downtime and difficulty of data recovery, which is why it’s important to not only build resilient infrastructure and applications but to foster a culture of perpetual preparedness throughout the organization.”
“Ransomware is one of our biggest risks and we try to mitigate it to the best of our abilities,” said Leong Boon Ang, Head of IT Security, National University of Singapore, a large university with more than 44,000 students, and 12,000 staff. “We are working with Hitachi Vantara to implement a private cloud storage solution where our users feel safe to store their data. In addition, we have two separate data centers with business continuity plans that includes disaster recovery. These provide us with multiple sources of backups and redundancy, not only for our data but also our virtual machines.”
“We’ve all heard the last line of defense metaphor, but in reality, it’s more a question of resiliency,” said Marco Estrela, Senior Cybersecurity Advisor at Virtual Guardian/ESI Technologies. “Most customers are suffering from long data recovery periods if they even get that far. Even with a sound BCP/DRP strategy, traditional technology doesn’t always support them like it should or how they would like it to. Enter Hitachi solutions which finally brings some relief on the technical side and actually makes our customers more resilient. In the end-to end cybersecurity chain, we count on Hitachi to help our customers not only safeguard against, but also recover efficiently from ransomware and other cyberthreats.”