81% of Global Organizations Paid Ransom to End Cyberattacks in 2024, Veeam Report Reveals

A recent report by Veeam, the 2024 Ransomware Trends Report, reveals a concerning trend: 81% of global organizations paid ransom to end cyberattacks and recover data in 2024. This marks the third consecutive year that the majority of organizations have opted to pay the ransom.

The report, which surveyed 1,200 respondents including CISOs, security professionals, and backup administrators, found that 65% of these organizations used insurance to cover the costs. Despite these measures, one in three organizations that paid the ransom still could not recover their data, highlighting the ineffectiveness of this approach.

The increasing trend of paying ransom to end cyberattacks has significant implications for global organizations, highlighting the need for robust cyber defense strategies. If left unchecked, this trend could lead to substantial financial losses and compromised data, affecting businesses and individuals alike in the end.

Ransomware continues to be a significant threat, compromising 41% of data during a cyberattack. On average, only 57% of compromised data is recovered, leaving organizations vulnerable to substantial data loss and negative business impact. Dave Russell, Senior Vice President and Head of Strategy at Veeam, stated, "Ransomware is endemic, impacting 3 out of 4 organizations in 2023."

The human impact of cyberattacks is also significant. The report found that 45% of respondents reported heightened pressure on IT and security teams, 26% experienced a loss of productivity, and 25% encountered disruptions to internal or customer-related services. Additionally, 45% cited increased workload post-attack, while 40% reported heightened stress levels and other personal challenges.

The report highlights a critical issue: the misalignment between backup and cyber teams. Close to two-thirds (63%) of organizations find their backup and cyber teams lacking synchronization. Additionally, 61% of security professionals and 75% of backup administrators believe that the teams need significant improvement or a complete system overhaul.

Despite the availability of cyber insurance, the financial impact of ransomware attacks remains severe. The average ransom paid is only 32% of the overall financial impact to an organization post-attack. Cyber insurance will not cover the entirety of the total costs associated with an attack, with only 62% of the overall impact reclaimable through insurance or other means.

The report also emphasizes the importance of effective cyber defense strategies. Organizations must prioritize aligning backup and cyber teams, bolstering cybersecurity with immutable backups, and ensuring rapid, clean recovery. As Russell pointed out, "Organizations must take action to ensure cyber resiliency and acknowledge that rapid, clean recovery matters most."

The full Veeam 2024 Ransomware Trends Report is available for download, and the findings will be discussed at VeeamON 2024, a community event for data recovery experts, taking place online June 3-5 and in person in Fort Lauderdale, Fla.

The Veeam report highlights the persistent threat of ransomware and the significant challenges organizations face in dealing with cyberattacks. With the majority of organizations still opting to pay ransoms, the need for robust cyber defense strategies and improved team alignment is more critical than ever.

Key Takeaways

• 81% of global organizations paid ransom to end cyberattacks in 2024, marking the third consecutive year.
• 65% of organizations used insurance to cover ransom costs, but 1 in 3 still couldn't recover data.
• Ransomware compromises 41% of data, with only 57% recovered on average, leading to substantial losses.
• 63% of organizations lack synchronization between backup and cyber teams, hindering effective defense.
• Robust cyber defense strategies, including immutable backups, are crucial for rapid, clean recovery and minimizing financial impact.