How do Retention Plans Work?
As we’ve already discussed in a previous article, entitled “How Do ZFS Snapshots Really Work”,…
Read MoreAccording to multiple sources, in the first three quarters of 2023, more cyber intrusion attempts than in all of 2022. In the first quarter of 2023, ~51 million attacks were recorded. The number increased significantly in the second quarter, which recorded ~89 million. There has been a steady increase in such attacks for several years – the number is constantly growing and becoming more frightening. It’s not getting any better in 2024. In Q1, there were 192 publicly disclosed ransomware attacks, a 48% increase over Q1 2023. The number of undisclosed attacks also increased by 22% year-over-year.
Terrifying statistics, isn’t it? They underscore the growing threat from ransomware and the importance of robust cyber security measures. We are seeing new techniques to protect against the attacks themselves related to new hacker tactics and new ransomware families. That’s why it’s also increasingly important to focus on protecting against the consequences of ransomware to minimize the possibility of downtime, as well as loss of reputation, money, and, most importantly – data, which can even lead to bankruptcy.
In 2024, the cost of recovering from ransomware attacks and ransom payments continued to rise significantly. While some reports indicated a slight decrease in the overall rate of ransomware attacks, the financial impact of each incident remained severe. Sophos’ 2024 ransomware report shows that average recovery costs (excluding ransom) have reached $2.73 million, marking an increase of nearly $1 million from 2023. Additionally, ransom payments themselves have surged, with the average payment hitting $2 million, a 500% increase compared to last year’s $400,000. It reflects the rising ransom demands and the broader costs of disruption and recovery from attacks that organizations face.
Not only business offices but also employees working from home, often lacking network security, also became easy targets for data breaches in 2024, with over half of the attacks originating from simple phishing emails. This issue affects everyone, from individuals to large corporations.
In 2025, there is a strong probability for an increase in the threat from cyber threats known as ‘killware’ – a form of ransomware that surpasses financial extortion by directly attacking life-critical systems, threatening human lives. A notable case was the 2020 ransomware attack on a German hospital, where a system disruption led to a patient’s death when emergency care was delayed. In response, governments and cybersecurity experts are tightening regulations, promoting public-private security partnerships, and bolstering the protection of operational technology (OT) systems to mitigate such potentially deadly cyber risks. However, in 2025, it will still be a growing threat that governments need to take care of.
Another significant trend in cybersecurity expected to evolve by 2025 is the adoption of more complex cyber-security architectures and zero-trust policies to mitigate risks associated with remote working. These architectures allow companies to deploy device-level security in decentralized configurations, making them better prepared for ransomware and phishing attacks, which are expected to remain common attack vectors.
The escalating Russia-Ukraine and Israel-Palestine wars have led to increased cybersecurity risks. Military cyber units’ actions against the enemies affect electronic communications, including email, phone calls, and social media, which of course, also affects any company still operating during a horrific time of war.
These conflicts have highlighted the importance of robust cybersecurity measures for businesses and organizations, especially those operating remotely or from home offices. It’s crucial to stay vigilant and ensure that appropriate security protocols are in place to protect against these increasing cyber threats. It’s likely to affect the companies that are partners or customers of these attack victims, which may lead to crucial business processes interruptions.
Some of the biggest attacks in 2024 provided by the BlackFog service were:
Talking about safety measures – there’s no such thing as enough security tips, so we’ve listed some of the cybersecurity must-haves for all to be remembered at all times:
What about safety measures within businesses? Of course, apart from the safety measures listed above, you can, for instance, give users only the bare minimum privileges needed to do their jobs, purchase a cybersecurity insurance policy, invest in file activity monitoring (FAM) solutions, and/or use endpoint detection and response (EDR) and extended detection and response (XDR) tools.
Plus, the most important – train your employees! Provide your staff with cybersecurity workshops, present them with all the benefits of following the proper cyber hygiene and teach them how to detect potential dangers.
Now take a look at the essential tip left for the very end to highlight its importance to the maximum. So ….
Always back up your data to external devices or off-site locations. Take backups seriously by not only copying your data daily but also keeping some critical ones in other locations and disconnected from your primary network. This way, they’ll definitely be much less vulnerable to a ransomware attack. Why is external backup so important?
In the unfortunate case of a ransomware attack, decryption is no longer possible. Data backup protects you from the obnoxious consequences of a ransomware attack due to the fact that if you keep a backup in the event of an attack and are still able to prevent the malware from reaching and encrypting it too. This way, companies and organizations guarantee a safe and easy way to recover the data. Not being forced to pay the ransom.
Open-E JovianDSS is a ZFS- and Linux-based data storage software that contains the On- & Off-site Data Protection feature that is designed especially for backup. The feature allows users to back up and restore crucial company data in case of an unexpected disaster by creating consistent read-only snapshots and thanks to asynchronous snapshot replication to local and/or remote locations. Due to the fact that snapshots are read-only and thus cannot be encrypted, the backup server can stay online all the time. Replication tasks in turn, can be well-organized according to advanced retention plans, which control the creation and deletion of snapshots both on the source device and the backup one.
With Open-E JovianDSS On-&Off-site Data Protection, you can create an unlimited number of consistent snapshots of basically everything, including databases or virtual machines, with all the applications saved. This feature provides instant access to all data, which is a quick way to roll back to the state before a ransomware attack. So, why tempt fate by not having a backup solution if you can rest assured your data is actually safe?
If you want to be proactive, you can discover vital information about protecting your business against ransomware with Open-E’s detailed brochure. ‘Next-Gen Defense: How Open-E JovianDSS Protects Against Ransomware Attack Consequences’ covers everything from the top cyber security threats in 2024 to expert advice on avoiding the consequences of a ransomware attack. The brochure discusses key topics such as data protection challenges, types of ransomware and common backup mistakes. But that’s not all! You can learn how Open-E JovianDSS solutions can secure your data and support business continuity, helping you remain resilient to evolving cyber threats. Download it now to arm yourself with proven strategies for a ransomware-free future.
To show you the scale of ransomware attacks over the years and to highlight the perspective of how many enterprise companies face this problem, we decided to also include an archive of attacks from previous years. Be aware and stay safe!
Leave a Reply