{"id":8739,"date":"2025-03-31T12:00:00","date_gmt":"2025-03-31T09:00:00","guid":{"rendered":"https:\/\/blog.eset.ee\/et\/?p=8739"},"modified":"2026-06-14T19:46:57","modified_gmt":"2026-06-14T16:46:57","slug":"resilience-in-the-face-of-ransomware-a-key-to-business-survival-2","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2025\/03\/31\/resilience-in-the-face-of-ransomware-a-key-to-business-survival-2\/","title":{"rendered":"Resilience in the face of ransomware: A key to business survival"},"content":{"rendered":"

\u201cEverybody has a plan until they get punched in the mouth.\u201d<\/em>\n<\/p>\n

Mike Tyson\u2019s punchy (pun intended) adage rings all too true for organizations reeling from a ransomware attack. In recent years, ransomware has proven capable of bringing even a thriving business to its knees in a matter of hours, and it\u2019s safe to say that it will continue to sucker-punch organizations of all stripes, testing their cyber-mettle and contingency plans in ways few other threats can match.<\/p>\n

There\u2019s no shortage of data and actual incidents to bear this out. According to Verizon\u2019s 2024 Data Breach Investigations Report<\/a>, one-third of all data breaches involve ransomware or another extortion technique. “Ransomware was a top threat across 92% of industries,” reads the report.<\/p>\n

If this sounds disconcerting, it\u2019s because it is. The stakes are also high because ransomware may also come on the back of a supply chain attack<\/a> \u2013 as was the case with the Kaseya incident<\/a> in 2021 that exploited a vulnerability in the company\u2019s IT management platform to vastly amplify the reach of ransomware across an untold number of organizations worldwide.<\/p>\n

Bruised and battered <\/h2>\n

When the news of a ransomware attack breaks, headlines often focus on the dramatic ransom demands and the ethical and legal conundrums over payment<\/a>. What they often fail to capture, however, is the organizational and human trauma<\/a> suffered by the victims, doubly so when the incident is compounded by data exfiltration and threats to make the stolen data public.<\/p>\n

When systems go dark, businesses don\u2019t simply pause \u2013 they hemorrhage money while watching new opportunities slip away and brand reputation suffer. The wounds deepen exponentially as frantic recovery efforts stretch from hours into days, weeks and possibly even months. The brutally simple premise of ransomware \u2013 encrypt critical business data and demand payment for its release \u2013 actually belies a complex cascade of operational, financial and reputational damage that unfolds in the wake of the attack.<\/p>\n

Again, there is ample data to show that a successful ransomware incident costs victims dearly. IBM\u2019s Cost of a Data Breach Report 2024<\/a>, for example, puts the average cost of recovery from such an attack at close to US$5 million.<\/p>\n

\"scarab-ransom-note\"
Scarab ransomware<\/a> also aims to hinder restoration efforts<\/em><\/figcaption><\/figure>\n

Throwing a lifeline <\/h2>\n

Organizations hit by ransomware typically rely on three escape routes: restoring from backups, receiving a decryption tool from security researchers (such as those involved with the No More Ransom<\/a> initiative, which includes ESET<\/a> as a member) or paying the ransom in return for a decryptor. But what if none of these options turns out to be workable?<\/p>\n

First, attackers often tighten the screw on victims by targeting also their backup systems, corrupting or encrypting them before deploying ransomware on production environments. Second, decryption tools from researchers are better thought of as a last-resort option as it often cannot match the urgency of business recovery needs. <\/p>\n

What about throwing in the towel and paying the ransom? Leaving aside the possible legal and regulatory pitfalls<\/a>, payment guarantees exactly nothing while often just adding insult to injury. Colonial Pipeline learned this the hard way when the decryption tools provided to it<\/a> in exchange for a ransom payment of US$4.4 million were so shoddy that restoring systems from backups turned out to be the only viable option anyway. (Note: the U.S. Department of Justice later recovered most of the ransom<\/a>.)<\/p>\n

ESET Ransomware Remediation<\/a> brings a new approach to this conundrum, effectively combining prevention and remediation into one. It creates targeted file backups that are out of reach for bad actors during a process that kicks in when the risk is straight ahead; i.e., once a possible ransomware attempt is detected. Since attackers also often take aim at data backups, this approach addresses the risk of unknowingly relying on compromised backups. <\/p>\n

Bracing for impact<\/h2>\n

Ransomware is a full-blown disruptor capable of unraveling business operations thread by thread and with alarming speed. That said, organizations with tried-and-true prevention and recovery capabilities will not only survive in the face of ransomware attacks and other threats \u2013 their ability to sidestep such blows may become their ultimate competitive advantage. <\/p>\n

In the ever-shifting digital landscape, change is the only constant, and resilience hinges on anticipating the unexpected. Plan for the unknown like your business depends on it \u2013 because it does.<\/p>\n

Read the full analysis on WeLiveSecurity \u2192<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Your company\u2019s ability to tackle the ransomware threat head-on can ultimately be a competitive advantage<\/p>\n","protected":false},"author":5,"featured_media":8740,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2879],"tags":[],"class_list":["post-8739","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-business-security"],"acf":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8739","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/comments?post=8739"}],"version-history":[{"count":1,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8739\/revisions"}],"predecessor-version":[{"id":9422,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8739\/revisions\/9422"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media\/8740"}],"wp:attachment":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media?parent=8739"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/categories?post=8739"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/tags?post=8739"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}