Ransomware attacks remain one of the biggest data management fears and data protection challenges. In this BlogBytes we will examine the ransomware phenomenon and review some of the key findings in the Veeam 2022 Ransomware Trends Report and how you can prepare and defend against this nefarious activity with lots of help from LTO technology. Let’s get the details.


Ransomware is a form of malware where cyber-attackers penetrate a computer network, encrypt the data, and then demand a ransom payment to get decryption keys to unlock the data with the threat of obliterating the data and/or making it public if the ransom is not paid. The average cost to recover from an attack including ransom payments, downtime, people and device costs has been estimated at $1.85M.

According to the firm WatchGuard, the first quarter of 2022 had more ransomware attacks than were seen in all of 2021. In addition, attacks occur against businesses and government agencies of all sizes. A lot can be learned from the details of these attacks and how to prevent and prepare for an attack by communicating directly with victims. That is exactly what the Veeam group has done in their 2022 Ransomware Trends Report. Let’s inspect some of the highlights.


The Veeam 2022 Ransomware Trends Report summarizes the findings from 1,000 organizations all of which had been cyber-attacked by ransomware at least once and many multiple times. How do cyber-criminals get into your network? According to the report, the same tried and true techniques are still prevalent; “The most common entry point for a cyber-attack is still phishing emails, malicious links, or a website that has dubious underpinnings.”

Once the attackers are in the victim’s network the most sought after targets are backup repositories (94%) and specific production platforms or application types (80% e.g. Windows, VMware). As noted in the report, “On average, 47% of data was encrypted according to survey respondents. That said, there is plenty that IT professionals can do through increased diligence in patch-testing, credential management, role-based controls, etc. Database administrators should also help ensure that database servers are secure and administrators should help ensure hypervisors are patched, that Windows updates are routinely run, etc.”

According to Veeam, “… having a plan in place that includes verified, tested and secure backups that can be restored quickly is the key to surviving modern attacks like ransomware. It’s important to always remember that your backup infrastructure is part of your overall cybersecurity defense plan and can be the final option for getting back to, or staying in, business.”


As noted above, a fundamental part of your cyber-attack defense and recovery plan should be an immutable and reliable backup infrastructure. As stated in the report, “Considering the rising costs associated with cyber-attacks, plus the investment put into production systems to accommodate the ever-increasing demands on IT today, the low total cost of ownership (TCO) of tape is making it favorable for organizations of all sizes.”

LTO tape storage is high performing and highly reliable backup-archive technology, and, inherently offline and air-gapped. When a tape data cartridge is removed from the tape drive it is offline and no longer connected to the system, that is, an air-gap is created between the system and the data thereby preventing cyber-access. In the event of an attack, the tape secured data can be used to recover. In addition, LTO technology supports tape data encryption and the data cartridges can be easily transported to an offsite remote location to further protect from malware attacks and from disasters that affect the primary site.


Malware — ransomware – phishing — cyber-warfare continues! An organization, whether it is a primary site or a cloud service provider, must remain vigilante to protect its data and other assets. Use LTO tape as part of your multi-pronged defense against cyber-criminal activity. See more about the data protection attributes of LTO technology against ransomware in a short video here.