Please fill in the form below to subscribe to our blog

Most Businesses Would Struggle to Survive a Ransomware Attack

December 14, 2023

See some of the results of the Kaseya Security Survey Report 2023

In the ever-evolving landscape of the digital age, businesses find themselves on the front lines of a relentless battle against an insidious threat – ransomware. From crippling financial losses to irreparable damage to reputation, the perils of a successful ransomware attack are manifold. As our world becomes increasingly interconnected and reliant on technology, the danger posed by malicious actors seeking to exploit vulnerabilities for financial gain has reached unprecedented heights. In the Kaseya Security Survey Report 2023, we polled 3,066 IT professionals from around the world to find out about their experiences with ransomware over the past year and what they anticipate they’ll see in 2024. 


See the challenges companies face & how they’re overcoming them in our Kaseya Security Survey Report 2023 DOWNLOAD IT>>

A ransomware attack would have a significant or fatal impact on 70% of businesses

With the number and frequency of ransomware attacks growing constantly, it’s no surprise that most IT professionals expect their employers to fall victim to one. Over three-fifths of our survey respondents (64%) said that their company is likely to experience a successful ransomware attack in the next 12 months. More than half (53%) of our respondents indicated that a successful ransomware attack would have a significant impact on their organization. An unfortunate 17% said they believe their company is unlikely to survive a successful ransomware attack.   

Businesses must take every precaution to put themselves in the best possible position to recover from a ransomware attack. Having a business continuity and disaster recovery (BCDR) solution, a ransomware-specific incident response plan and endpoint detection and response (EDR) with a ransomware rollback feature will go a long way toward mitigating disaster.  

What do you believe is the likelihood your organization will experience a successful ransomware attack in the next 12 months?  

Likelihood of falling victim to a ransomware attack     Response     
Extremely likely   5%   
Very likely     22%     
Somewhat likely     37%     
Not very likely   28%     
Not at all likely     8%     

Source: Kaseya Security Survey Report 2023 

If a successful ransomware attack on your organization were to occur, how much impact do you think it would have?  

Severity of Impact   Response     
Extreme impact – it would be difficult to recover   17%     
Significant impact     53%     
Minimal impact     28%     
No impact     2%     

Source: Kaseya Security Survey Report 2023 

Every business faces insider risk, from employee mistakes to malicious acts. Learn how to mitigate it. DOWNLOAD EBOOK>>

Almost half of respondents reported that their organization chose to pay a ransom 

As we covered earlier, one in five of our respondents said that their organization paid the attacker when they experienced a successful ransomware attack. For nearly half of those businesses, that ransom payment was between $100 and $1,000 (42%). Even though that may seem like an acceptable cost to retrieve your data and get back to work, paying the ransom doesn’t always work out and may be illegal.   

Thinking about the ransomware attack you experienced, what was the cost of the ransom?   

Cost of Ransom  Response  
$50,000 or more  6%  
$25,000 to less than $50,000  9%  
$10,000 to less than $25,000  12%  
$5,000 to less than $10,000  13%  
$1,000 to less than $5,000  21%  
$500 to less than $1,000  15%  
Less than $500  15%  
I don’t know  5%  
I prefer not to answer  2%  

Source: Kaseya Security Survey Report 2023 

Learn more about growing supply chain risk for businesses and how to mitigate it in a fresh eBook. DOWNLOAD IT>>

On premise servers are the most likely way to have data encrypted 

Data encryption is one common effect of ransomware, and a major problem for the businesses that are hit by an attack. The locations of the data that our survey respondents had encrypted as part of their ransomware attack varied but the biggest slice, 40%, had their data encrypted in an on-prem server. In a close second place, 38% of respondents said that their company’s data was encrypted in a private cloud, with non-server endpoints in the third spot. In contrast, only 16% of respondents using Saas data storage reported having data encrypted.  

Thinking about the ransomware attack you experienced, what was the location of the data that was encrypted during the attack? 

Location Response 
On-premise server(s) 40% 
Private cloud 38% 
Non-server endpoints (e.g., PCs, laptops or workstations) 31% 
Public cloud 24% 
SaaS 16% 

Source: Kaseya Security Survey Report 2023 

an ominously dark image of a hacker in a blue grey hoodie with the face obscured.

Explore the nuts and bolts of ransomware and see how a business falls victim to an attack. GET EBOOK>>

Only one third of companies can perform a disaster recovery

Our survey respondents followed a variety of pathways to recover from ransomware disasters. One-third of respondents (33%) said they were successfully able to perform a disaster recovery and restore everything from backups — a low figure considering the expenses and downtime a business can face in the event of a ransomware attack. More than half of respondents (60%) told us that they were forced to reinstall and reconfigure at least some of their systems — a time-consuming operation.   

One in five respondents said that their organizations paid the attackers — a practice that is frowned upon by experts and law enforcement because it can embolden cybercrime gangs and, in some cases, support terrorism. About one-fifth of respondents paid the ransom in an effort to recover their data. However, as 14% of respondents found out, paying the ransom doesn’t necessarily mean that you will recover your data.   

If you were a victim of a ransomware attack, which of the following actions did you take to recover your data?  

Action  Response  
Performed disaster recovery (DR) and restored everything from full backups  33%  
Restored a portion of the systems and reinstalled and reconfigured the rest  31%  
Reinstalled and reconfigured all of our systems from scratch  29%  
We paid the ransom to have our data decrypted  21%  
We decided not to pay the ransom and lost our data completely  17%  
We paid the ransom but still could not decrypt our data, losing it completely  14%  
We could not recover and have closed or are closing our business  7%  
No action was needed  4%  
We have never been hit with a ransomware attack  14%  

Source: Kaseya Security Survey Report 2023 

young brunette caucasian woman sits at a com[uter mo

See the path from a cyberattack to a defensive success with managed SOC in this infographic. GET IT>>

Mitigating cyber risk is easy with Kaseya’s Security Suite

Kaseya’s Security Suite has the tools that MSPs and IT professionals need to mitigate cyber risk effectively and affordably, featuring automated and AI-driven features that make IT professionals’ lives easier.  

BullPhish ID — This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.     

Dark Web ID — Our award-winning dark web monitoring solution is the channel leader for a good reason: it provides the greatest amount of protection around with 24/7/365 human and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.    

Graphus — Automated email security is a cutting-edge solution that puts three layers of AI-powered protection between employees and phishing messages. It works equally well as a standalone email security solution or supercharges your Microsoft 365 and Google Workspace email security.      

Kaseya Managed SOC powered by RocketCyber — Our managed cybersecurity detection and response solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.      

Datto EDR — Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require).      

Vonahi Penetration Testing – How sturdy are your cyber defenses? Do you have dangerous vulnerabilities? Find out with vPenTest, a SaaS platform that makes getting the best network penetration test easy and affordable for internal IT teams.   

Learn more about our security products, or better yet, take the next step and book a demo today!

let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>

Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!