Around 94% of organisations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack according to a study conducted by independent research agency Vanson Bourne.
John Shier, field CTO at Sophos said "Backups are integral to an organisation's resilience. Therefore, it's not surprising that attackers proactively attempt to compromise them. Early detection and a swift response to anomalous activity on a network can prevent attackers from reaching backups in the first place.”
Backup compromise success rate
The study on almost 3,000 IT/cybersecurity professionals whose organisations had been hit by ransomware in the last year revealed that a striking majority (99%) in state and local government, and the media, leisure, and entertainment sectors experienced the phenomenon.
More than half (57%) of backup compromise attempts were successful across all industries. There is a 79% success rate in compromise backups in the energy, oil/gas, and utilities, 71% in education, 30% in IT, technology, and telecoms, and 47% in retail.
Doubled demands
The study also revealed that ransom demands and payments demands on compromised backups.
“Without complete, reliable backups, ransomware attack victims could be forced to make choices they might otherwise avoid, such as paying a ‘basic’ ransom or paying an even higher than normal ransom because there’s no other recourse to get that data back. Ransomware attacks can have serious impacts on business operations; without dependable options for recovery, they can be devastating," shared Shier.
