MOVEit ransomware causes anxiety in business leaders

As a direct result of MOVEit, 42 percent of businesses have invested in backup and recovery.

Posted 23 November 2023 by Christine Horton

In the wake of the MOVEit vulnerability, which impacted an estimated 40 million people worldwide, UK business leaders are increasing their investment in ransomware protection solutions.

New research from Censuswide, commissioned by Veeam Software, surveyed 100 directors of UK companies with more than 500 employees who had suffered a ransomware attack in the past 18 months. Three months on, almost 1 in 4 business leaders (24 percent) reported that they were significantly more anxious about ransomware attacks as a direct result of the MOVEit breach, while 2 in 3 (66 percent) said they were slightly more anxious. Just 6 percent denied being anxious about the threat of ransomware following the MOVEit breach.

This anxiety has translated into action. As a direct result of MOVEit, 42 percent of businesses have invested in backup and recovery, and 29 percent optimised their existing strategy to ensure they have accurate and easily recoverable data to fall back on in the event of a compromise.

Forty-one per cent of businesses increased their spend on wider cybersecurity solutions, and 31 percent took out a cyber insurance policy. The survey also revealed the value UK business leaders place on equipping their workforce with the skills and training to manage the ransomware threat: 42 percent of respondents increased spend on skills development, and 40 percent upped their investment in training.

Business believe attacks are inevitable

A shift in perception can be observed across the UK business landscape, with the research revealing that business leaders now expectto fall victim to a ransomware attack, viewing it as an inevitability. Fifty-nine per cent of respondents expressed this belief as highly likely, with the same number believing that they are ‘highly likely’ to suffer more than one attack.

While it is alarming that while most respondents believe attacks are unavoidable, 50 percent also believe that it is impossible to protect against them. Veeam said this belief fails to account for the data protection strategies and solutions which can prevent a ransomware attack.

It noted that every organisation will have its data compromised at some point, and so the ability to rapidly recover and control the chaos in the face of business disruption has to be a foundation of their cyber protection strategies.

 “MOVEit cyberattacks have changed the discourse around ransomware and thrust the issue front and centre into the public domain,” said Dan Middleton, VP UK&I at Veeam. “While it has sadly become an inevitability for businesses, protection is possible. Businesses need to achieve ‘radical resilience’ against ransomware by developing a data protection and ransomware recovery strategy that goes beyond the basics.

“The Veeam Ransomware Trends Report 2023 reveals that 93 percent of cybercriminals target backups, so it is critical that organisations recognise that not all backup and ransomware recovery solutions are created equal, and the secret to protection lies in immutability.”