Skip to content


Top Ransomware Trends Revealed in Veeam 2023 Ransomware Report

By: Kirk Savidis

Veeam data protection trends

Table of content

Every year, Veeam, one of the leading data protection and recovery providers, surveys thousands of leaders ahead of publishing their Ransomware Trends Report. This year in the survey, 1,200 unbiased IT leaders whose organizations suffered at least one ransomware attack in 2022 were surveyed. The leaders were asked about the specific impact the event had on their environment, and what new policies and procedures have been implemented since then.

As a Veeam Platinum Partner we can’t pass up an opportunity to share the findings with our clients and discuss how we see them playing out in real life, so let us dive in.

“80% of victims paid the ransom, but many still could not recover”

Veeam’s survey found that 80% of organizations paid ransom fees associated with incidents. This is excruciatingly high, as implementing proper incident response plans and having safe repositories of your data to back up from can erase the need to pay ransom fees. In addition, paying the ransom fees can potentially put a target on your organization’s back. Bad actors will see that your organization is willing to pay under the circumstances, which can paint you as a more attractive target in the future.

However, it gets worse: 21% of organizations paid the ransom and still were not able to safely recover their data, demonstrating that there is never a guarantee that paying the ransom will resolve in data recovery.

Does paying ransomware work?

Reminder: 5 Dos and Don’ts in Ransomware Response

Step 1: DO isolate network traffic to mitigate the risk of continued adversary activity.
Step 2: DO NOT turn off servers until you are certain they have not been affected by ransomware.
Step 3: DO verify the state of business-critical system backups and make an offline copy of these backups.
Step 4: DO contact legal counsel and inform them of the situation.
Step 5: DO NOT try to “clean up” the ransomware without professional assistance.

Corresponding Content:

“It Takes at Least 3 Weeks to Recover (per attack) – After Triage”

Respondents to Veeam’s survey averaged that it took 3 weeks before they considered their recovery complete. Minimizing the downtime associated with ransomware attacks is critical to ensure businesses can stay afloat. This is where the incident response plan shines. Before the backup recovery can even occur, you need to identify which servers were targeted and infected and determine that the backups are safe to recover from.

From the graph to the right, it is important to note that 24% of organizations surveyed were able to get up within 1 week after identifying the incident. These organizations had concrete policies and procedures in place to efficiently restore data backups.

How long to recover from ransomware?

When you work with Dataprise, we leverage Veeam’s offerings to enable Disaster-Recovery-as-a-Service to create a comprehensive data protection strategy to set you up for success. We also layer on Enhanced Data Protection which delivers an extra level of ransomware protection for your data (more on that later!)

Corresponding Content:

“Cyber Villains Were Able to Affect the Backup Repositories in 75% of Attacks”

RW23 06 Did they attack backup repositories

Veeam’s Ransomware Trends Report found that only 25% of organizations had backups that were safe to restore from, a number which is trending down from last year at 33%. Just like solutions evolve so does hacker methodology. Bad actors know that they are more likely to pigeonhole organizations into paying ransom fees by targeting backup data.

On top of that, in 93% of attacks surveyed in 2022, bad actors targeted the backup repositories. Having data backups does not indicate safety in the event of a disaster. Dataprise partners with Veeam to deploy a propriety-enhanced data protection model. This allows us to add a “gap” between the created cloud repository and a hidden, protected repository.

Cyber-attacks are not a matter of ‘if’, but a matter of ‘when’. Doing your due diligence as an IT leader by creating processes and procedures to mitigate damage associated with attacks is critical. As Veeam lays out in their 2023 Ransomware Trends Report, a secure backup is the only alternative to simply paying the ransom.

Veeam aims to provide organizations with resiliency through data security, data recovery, and data freedom for their hybrid cloud. Dataprise is proud to be a Veeam Platinum Provider and power business effectively and securely.

How our Enhanced Data Protection Works to Stop Ransomware with Veeam

Recent Tweets


Want the latest IT insights?

Subscribe to our blog to learn about the latest IT trends and technology best practices.