Veeam: Dip in ransomware attacks should not hinder data resiliency

“When all is said and done, the most effective approach that has been proven time and again, is building a resilient data recovery structure focused on proactive threat detection to reduce the chances of an attack from the outset,” comments Beni Sia, General Manager & Senior Vice President, Asia Pacific & Japan (APJ) at Veeam.

Ransomware attacks have taken a dip around the world, according to findings from Veeam’s latest research, From Risk to Resilience: Veeam 2025 Ransomware Trends and Proactive Strategies Report. The report revealed ransomware attacks have slightly declined from 75% to 69% globally, as businesses continue to invest in their cybersecurity and recovery solutions.

The survey, which involved 1,300 organizations from around the world, stated the decrease in ransomware attacks is attributed to improved preparation and resilience practices, as well as increased collaboration between IT and security teams.

Despite this, the threat remains substantial. In fact, with cybercriminals now leveraging AI to launch more sophisticated and frequent cyberattacks, organizations need to continue to prioritize their defenses, especially when it comes to mitigating risks and recovery capabilities.

At the same time, businesses that have experienced a ransomware attack are still struggling with data recovery. Statistics from the report indicated that only 10% of organizations that experienced a ransomware attack last year recovered more than 90% of their data, while 57% recovered less than 50%.

Interestingly, ransomware payments in 2024 have also decreased. The report revealed that 36% of affected organizations opting not to pay a ransom. Of those that did pay, 82% paid less than the initial ransom and 60% paid less than half that sum, emphasizing the importance of robust recovery strategies. This is mainly due to updated regulations and legal frameworks that discourage ransom payments. This includes initiatives like the International Counter Ransomware Initiative that urges organizations to strengthen their defenses rather than capitulate to attackers.

"As the nature and timing of attacks evolve, it is essential for every organization to transition from reactive security measures to proactive data resilience strategies. By adopting a proactive security approach, investing in strong recovery solutions, and fostering collaboration across departments, organizations can significantly reduce the impact of ransomware attacks," commented Anand Eswaran, CEO of Veeam.

Echoing Eswaran’s sentiments is Beni Sia, General Manager & Senior Vice President, Asia Pacific & Japan (APJ) at Veeam. For Sia, there are many factors that compel business leaders to pay the ransom for data recovery after ransomware attacks, despite knowing that this does not guarantee future security.

“One of the main reasons is the pressure to restore critical systems quickly—especially in sectors like healthcare and finance, where downtime can be catastrophic—where executives view paying the ransom as the "lesser evil." However, this is a risky decision. In fact, 17% of organizations that paid the ransom failed to fully recover their data, and decryption tools may be ineffective, leaving businesses with lost or corrupted data. Other reasons why businesses pay to recover data include over-reliance on cyber insurance or concerns over reputational damage,” explained Sia.

Sia also highlighted that Veeam addresses these challenges by offering proactive solutions such as Veeam Cyber Secure – a comprehensive program that combines incident recovery planning, threat intelligence, proactive threat hunting, and ransomware recovery assurance services. This ensures businesses not only have the right tools to recover but also the confidence to respond swiftly and decisively.

In the APAC region, Sia pointed out that the situation is equally challenging. Despite growing awareness and higher security budgets, many Asia Pacific organizations here still suffer from a gap between perceived and actual preparedness.

“Our study found that more than a third (38%) of organizations here highlighted that they require a significant or complete overhaul to fully align their organization’s IT operations and backup teams with the cybersecurity team,” said Sia.

To address this, Sia believes that organizations must adopt proven strategies like the 3-2-1-1-0 backup model and Zero Trust policies.

“We've also recently introduced our Data Resilience Maturity Model (DRMM) to help businesses objectively assess their resilience. Strengthening data resilience is crucial for reducing the risks of ransomware and ensuring that organizations are genuinely prepared to recover without relying on costly ransom payments with uncertain outcomes,” he concluded.

As the report clearly revealed, organizations that prioritize data resilience can recover from attacks up to seven times faster and experience significantly lower data loss rates.