Paying Ransom 'No Guarantee' of Getting Data Back

“Gaps in readiness” are seriously hampering the ability of many organizations to “manage and recover” from ransomware attacks, a Zerto study found. “The research also underlines the increased risk to mitigation strategies presented by widespread skills shortages and over-reliance on internal resources,” said the Hewlett Packard Enterprise subsidiary Tuesday. In an ESG survey of 620 “qualified respondents” in North America and Western Europe in December, 73% of respondents said their organizations were victimized in the previous 12 months. It said 61% of respondents whose organizations paid a ransom were then subjected to further extortion attempts. Paying a ransom is “no guarantee to getting a business completely back online,” the survey found. Only 14% of respondents said their organizations got 100% of their data back “even after acceding to a ransom demand,” said Zerto. Nearly half of survey respondents (45%) “are struggling with skills issues that will help them respond to a ransomware attack,” it said. Meanwhile, analysts at Skybox Research Lab uncovered a 42% increase in new ransomware programs targeting known vulnerabilities in 2021, compared with 2020, reported the cybersecurity company Tuesday. It unearthed 20,175 new vulnerabilities in 2021, the most ever reported in a single year, it said: “These new vulnerabilities are just the tip of the iceberg. The total number of vulnerabilities published over the last 10 years reached 166,938 in 2021 -- a three-fold increase over a decade.”