Ransomware: Paying Ransom is for People Who Don't Back Up Their Data Properly.

Awareness of the growing threat of ransomware and malware has increased in recent years, leading to more vigilant IT teams and employees. However, most ransomware attacks still happen because unsuspecting or careless users click on malicious links, visit insecure websites, or fall for phishing emails.

  #Cyber Defense Center   #Security Awareness   #Security Risk Assessment   #Backup Concepts and Archiving  
Marc Rudin
+41 58 510 18 07

Ransomware is still far too lucrative a business model - simply because too many companies are not sufficiently protected[i]. Over the past five years, this type of attacks has caused $43 billion in damages, according to FBI data - and these are just the known cases[ii]. The results of a survey of more than 3,000 IT executives in 28 countries, published by data protection specialist Veeam, reveal the current scope of the problem. Phishing and malicious links are far from being the only popular gateways to corporate networks. Often, it is also infected software packages and compromised credentials that will lead to an incident.


What IT infrastructure is particularly vulnerable?

Once cybercriminals manage to spread throughout an organization's IT environment, 80 percent of attackers will target mainstream systems with known vulnerabilities. These include common operating systems and hypervisors, as well as NAS platforms and database servers. But which parts of a hybrid or distributed IT infrastructure are more or less vulnerable to cyberattacks? The Data Protection Trends Report wanted to find out which components of an attacked IT environment were encrypted. The result: 48 percent of IT leaders surveyed were affected by encryption of servers in their data centers. Forty-nine percent reported that platforms in their remote offices had been encrypted, and 46 percent said that cloud-based server instances had been encrypted. Of particular concern is that attackers often manage to destroy the affected organizations' backup data stores as well - backed-up data was affected in over 60 percent of cases.


Ransom payment is not a guarantee for decryption

The cybercriminals' goal is clear: They demand a lot of money in exchange for victims being able to restore their own data. Of course, the probability that an affected company will pay the demanded ransom is many times higher if recovery from backed-up data is no longer possible. But even ransom payments do not always lead to success. In just under half of the attacks, companies paid the ransom and were able to restore their data. A quarter of the victims, on the other hand, paid the ransom but were still unable to restore the encrypted data. The opposite also happened: One-fifth of the companies refused to pay ransom but were still able to recover the data. The number of those companies that were able to recover their data without paying a ransom was thus almost equal to those that failed to recover despite paying a ransom.


The best solution for an emergency: secure backups

To protect against ransomware, UMB recommends proactive security services to detect and eliminate ransomware attackers before they successfully attack.Secure backups are the only way to survive a ransomware situation relatively unscathed and minimize damage, data protection experts say. That's why it's important for data protection solution providers to focus on ransomware scenarios, enabling victims of cyberattacks to recover their data without responding to ransomware demands. This would massively limit the appeal of ransomware attacks. This approach is also being taken by UMB with Veeam. Veeam offers the leading data protection platform for all workloads. It offers protection against ransomware and accelerates migration to the hybrid cloud. According to IDC, Veeam is No. 1 in the DR&P market. In the second half of 2021, Veeam posted the fastest revenue growth in the global data replication and protection market. Its global headquarters are located in Baar, Switzerland. The company has more than 4000 employees and makes one billion USD in revenue.


UMB with double Veeam Platinum status

UMB was the first and so far only Veeam partner in Switzerland to be awarded double Platinum status by Veeam. This certifies UMB's unique competence in the area of cloud, backup and security. UMB offers experience and expertise in providing simple, reliable and flexible Veeam-based cloud data management for companies whose data should always be available. Together with our partner, we offer Veeam backup solutions that guarantee data storage that is encapsulated and therefore safe from attacks. Contact us if you are concerned about the backup of your data.


[i] Ransomware Trends, Statistics and Facts in 2022 (techtarget.com)

[ii] Alarming Cyber Statistics For Mid-Year 2022 (forbes.com)

I would not wish an incident of this magnitude on anyone. Meier Tobler has responded to this and is implementing a new, strong IT system with UMB!

Martin Schäppi, Head of Corporate Communications, Meier Tobler AG