Rising ransomware attacks amplify World Backup Day's importance
World Backup Day on 31 March draws attention to the growing importance of a robust backup strategy for businesses, which is a crucial line of defence against the rising trend of ransomware attacks. According to an Apricorn survey, in 2023, 24% of organisations suffered data breaches resulting from ransomware, marking a significant increase from the previous year's 15%.
Jon Fielding, the Managing Director EMEA at Apricorn, stated that such attacks are anticipated to escalate due to the advent of Generative AI. He added, "efforts to destabilise the ransomware economy by the authorities appear to be ineffective, with groups such as LockBit making a return." Consequently, it is crucial to implement and regularly test the right backup processes.
The importance of functioning backups is underscored by the Apricorn annual survey, which highlighted that nearly two-thirds of companies experienced data loss due to backup failures last year. From the 90% of companies that had to resort to data recovery, only 27% managed to retrieve all of their data. Fielding noted that these statistics might be connected to "an overreliance on cloud-based processes, as on-premise or local backup solutions are widely recognised as providing the quickest means of recovery."
Doubts about data recovery rates are also echoed in the switch to the cloud and the use of SaaS applications. Organisations appear to assume data backup will be included, a misconception that could be disastrous. "Cloud Service Providers (CSPs) do not automatically provide data backup services for customer data and nor do SaaS providers," Fielding warned. Where such backup services are offered, they are often complex, hard to manage and carry numerous charges ranging from storage, testing, to data transfer.
Fielding pointed out another issue undermining recovery rates—user error, where businesses pass on the responsibility to the individual user due to the increase in remote and hybrid working. Consequently, manual backups have risen, with 48% of companies resorting to them in 2023, a stark increase from just 6% in 2022. However, it is observed that manual backups often result in data being saved incorrectly and not duplicated to a central location, creating a single point of failure. This issue highlights the necessity of following the 3-2-1 rule, where three copies of data are retained on at least two different media, one of which is stored offsite—providing a safeguard against online threats.
Fielding concluded by emphasising the importance of encryption in data backup processes that is often overlooked. He explained, "If data does become compromised and falls into the wrong hands, encryption can ensure that it remains unintelligible." Therefore, adopting encryption across a business as a standard measure strengthens data protection whether in use, in transit, or at rest, thereby complementing the backup process.