The threat of a ransomware infection encrypting valuable business data has convinced nearly a third of companies to change their backup strategy, with the majority of firms focusing on a more systematic approach to data backups and disaster recovery, according to study published by Unitrends, a back-up technology company.
The survey of 381 customers found that 29 percent had suffered some data loss due to ransomware, but that the majority only lost a few hours of data. Only 7 percent lost more than a month of data, the Unitrends survey found.
As a result of the threat of ransomware, 32 percent of companies have changed their backup strategy, with most becoming more systematic in the way that they backup and restore their systems.
“The process of backing up is evolving,” Dave LeClair, vice president of product marketing at Unitrends told eWEEK. “When these guys get hit, it forces them to look at what they are doing and make changes.”
Ransomware has become a popular tool of cyber-criminals. In 2014, the number of ransomware attacks more than doubled, to more than 8.8 million, according to Symantec’s latest Internet Security Threat Report.
The more insidious crypto-ransomware compromise, where the malware infects and then encrypts a victim’s data, jumped in popularity to account for 4 percent of all attacks, up from 0.2 percent the previous year.
In one case, a crypto-ransomware campaign infected the computers of more than 1,200 people with 13 percent of victims paying the ransom, netting the criminals behind the operation more than $75,000 in two-and-a-half months, according to advanced threat protection firm FireEye.
“We went from never hearing about ransomware to seeing posts about it regularly,” Unitrends’ LeClair said. “This is a scourge that is not going away.”
The company’s survey found that about two-thirds of businesses hit by ransomware used their backup system to recover the lost data. A third of the businesses changed their backup process following the attack, which matched the proportion of companies as a whole that had changed their backup strategy because of the threat of ransomware.
A ransomware attack, or even the threat of an attack, had a similar impact on companies, with the largest proportion committing to becoming more systematic with their backups and a third changing to a different backup system.
The majority of companies change their backup system every two to three years, but in the face of ransomware, that process seems to be happening more quickly, according to LeClair. “I wonder, in particular, if they get hit, if they are accelerating their move to a different backup process,” he said.