New research from Databarracks reveals 44% of organisations that suffered a ransomware attack, paid the ransom. 34% recovered from backups, while 22% used ransomware decryption tools.

Managing Director of Databarracks, James Watts (pictured) comments: "From the perspective of the victim, it’s understandable why you might pay a ransom. You can’t service customers, you can’t take orders and losses quickly accumulate. The costs of downtime can quickly exceed the ransom. Organisations might think that by paying the ransom it resolves the problem more quickly so they can get back to business as usual. There are several reasons why this approach is flawed."

"Firstly, there’s no guarantee that you will get your data back," he goes on. "Secondly, it’s quite common for organisations to be attacked again once criminals know they are an easy target. Lastly, it sends the wrong message. By paying, you are indirectly encouraging the criminals, showing their tactics work. With the right preparation and guidance however, you can recover your data, and never have to pay the ransom."

Watts offered several pieces of advice for organisations with ransomware concerns: “Immutable storage and physical or logical air-gaps will protect backups from also being changed or encrypted. If you do suffer an attack, your backups are your last line of defence. When you need to recover, identify your most recent, clean recovery point and carry out isolated, sandbox recoveries. Check to make sure no further ransomware is present before starting the full restoration. Lastly, test your Disaster Recovery Plan so know the process and you are confident you can recover quickly and effectively."

Watts concluded: “This year’s survey also showed a growing number of organisations have a policy for whether they would pay out on a ransomware attack. 68% of organisations had a policy in place, up from 54% last year. The data demonstrates an increasing awareness and better preparation for ransomware attacks.”

www.databarracks.com/resources/data-health-check-2022