2017 Disaster Recovery Statistics that Businesses Must Take Seriously
As we enter 2018, now’s a good time to look back on the 2017 disaster recovery statistics.
Spoiler alert: it wasn’t a good year for many businesses.
- Global ransomware attacks, like WannaCry and NotPetya, showed just how vulnerable companies are, especially when it comes to their data. WannaCry alone infected hundreds of thousands of machines around the world.
- It wasn’t just the “little guys” who were affected. Numerous large organizations were crippled by ransomware last summer: FedEx, Nissan, Merck, Maersk, Mondelez, major banks and healthcare facilities worldwide, just to name a few.
- By the sheer nature of the infections (which took advantage of known vulnerabilities in Windows), these attacks revealed that numerous companies had failed horribly at keeping their operating systems updated and patched.
There are some silver linings, however. Most notably: some companies are finally starting to take disaster recovery more seriously. So, with that in mind, let’s dig into the 2017 disaster recovery statistics. And further below, we offer some additional guidance on what to do if you’re infected with ransomware.
2017 disaster recovery statistics
A quick note. We’ve compiled our 2017 disaster recovery statistics from numerous sources, media outlets and technology companies that are primarily focused on business continuity. In some cases, the stats may reflect trends from earlier years that became available in 2017 or that were released not long after we published our 2016 disaster recovery statistics.
- Hardware failure is the leading cause of all unplanned downtime.
Roughly 45% of unplanned downtime is caused by hardware failure, which could be anything from server drives to faulty network switches. Hardware failure is always going to be unpredictable, but you can reduce risk with backup infrastructure and by having a roadmap for replacing aging hardware before problems occur.
- Power outages account for 35% of unexpected downtime.
This number seems to fluctuate from year to year, due to a range of factors. But make no mistake: power outages and other utility losses will always be a threat. You never know when a major natural event is going to knock out power, potentially for days or even weeks. A backup generator might help in some cases. But be sure to also have a plan for rapidly moving your critical operations elsewhere.
- Unplanned downtime costs between $926 to $17,244 per minute
This one hurts! Unexpected downtime is more costly than ever. Various data shows that businesses lose between $926 and $17,244 for every minute that their operations are stalled. Those costs include lost revenue, lost productivity, recovery expenses, equipment replacement and more. Here’s the takeaway: you need to be doing everything you can to avoid downtime and speed up recovery if a disaster strikes.
- 96% of companies survive ransomware if they have a reliable BDR solution
Ransomware has quickly become one of the leading causes of business-threatening downtime. But in a Datto survey of more than 1,700 managed-service providers (MSPs), 96% said that clients fully recover from an attack if they have a reliable backup and disaster recovery solution in place.
- Ransomware detections were up 90%
The number of businesses who detected ransomware on their systems (whether it was a successful infection or not) skyrocketed by 90 percent. But the good news is that the overall number of new ransomware strains being developed has begun to drop, according to Malwarebytes.
- Spyware is making a comeback
In late 2017, Malwarebytes noticed a huge uptick in detection of spyware at businesses and on consumer machines. This seemed to coincide with the downturn in ransomware development and could signal that cyber attackers are seeking other ways to capture sensitive data.
- 250,000+ hijacker malware detections
Businesses saw a big jump in hijacker malware, according to Malwarebytes. “Hijackers” generally modify the activity within Web browsers, redirecting users to malicious sites or displaying unwanted ads. More than just annoying, this malware can kill productivity and cause widespread downtime if a hijacker is used to install more malicious malware.
- 30% of businesses have no disaster recovery strategy in place
Ouch. Stats show that roughly 1 out of 3 companies have not adequately prepared for a disaster. In some cases, this means organizations have no documented business continuity plan in place, or they haven’t even considered what technologies or procedures they would need to keep operations going after a disruptive event. Make no mistake: this is a sure-fire way to lose the whole business after disaster strikes.
- 90% of businesses without a disaster recovery plan will fail after a disaster
No surprises here. According to a study by Touche Ross, less than 10% of companies survive a major disaster when they have no disaster recovery plan in place.
- 1 in 3 businesses were unprepared for disaster, despite having a plan
A report by StorageCraft revealed that 33% of businesses failed to adequately respond to a disruptive event, despite having a disaster recovery plan. This means the DR plan just didn’t cut it. Typically that means one of two things (or a combination of both): the protocols themselves were inadequate (people didn’t know what to do or didn’t respond quickly enough), or the business-continuity systems, like a BDR appliance, failed. Either way, this is a revealing stat. Businesses need to be rethinking their outdated disaster recovery plans and taking steps to implement better procedures and technologies.
- 35% of companies lose at least one business-critical app
After a disruptive event—whether it be ransomware, power outage, or other disasters—a little over a third of companies said they lost access to one or more of their business-critical applications. It’s worth noting that losses like this can be prevented in most cases with a hybrid cloud BDR with virtualization, from companies like Datto. This would allow users to instantly virtualize their critical apps on other machines, whether from the on-site backup or the cloud.
- 12% of companies could not recover data
For companies that experienced data loss, 12% of them could not recover the data. This is an unfortunate outcome that is typically very costly. And the consequences can be bad for the company’s reputation as well. Imagine, for example, a doctor’s office that loses access to patient records, or a bank that loses transaction data from the last 24 hours. Preventing data loss should be a top priority for every business.
- Recovery efforts eat up 25% of staff time
Recovering after a disaster is a costly drain on productivity. When a disruption occurs, staff are forced to shift their focus to restoring operations, keeping them away from their other priorities. This is why it’s so important to minimize your recovery time objective (RTO) with technology that makes it easier to return to “business as usual.”
- Less than 1 in 3 SMBs are reporting ransomware attacks to the authorities
This is actually an improvement over the previous year, but roughly only a third of ransomware victims are contacting the authorities in an attack. There are numerous reasons for this, as we address below, but in general you should be reporting attacks when they occur. Depending on the ransomware strain, the authorities may have solutions for decrypting your data. But also, law enforcement agencies want to have accurate information on how common ransomware is today.
Ransomware Guidance – Rule #1: Take a Deep Breath
Let’s take a moment to address one of the biggest issues in disaster recovery today: ransomware.
While there’s an increasing number of solutions for preventing ransomware, no system is completely immune. New ransomware strains are constantly being developed. And, those strains are being delivered via more sophisticated methods.
So it’s important to remember there is no shame in having your systems breached. It happens to businesses of all sizes, in every industry.
That said, we understand that many businesses would prefer to stay quiet about an attack. Ransomware attacks can cause alarm for customers, especially at businesses that deal with sensitive customer data. After a service disruption, customers may fear their information has been compromised, even if it hasn’t.
Businesses can avoid creating undue panic by following these steps:
- Implement advanced BCDR solutions that make recovery virtually instant—so that downtime and disruptions in customer-facing services are virtually eliminated.
- Set a more aggressive Recovery Point Objective (RPO). With solutions like the Datto SIRIS, businesses can back up data as often as every five minutes, with no drain on system resources. So in the event that a recovery is needed, the data loss would be minimal.
- Isolate infections immediately. Remove them from the network and shut down other machines that have not been completely infected.
- Think twice before paying the ransom. Paying the ransom should be avoided if possible, because it won’t guarantee you’ll get your data back. Also, negotiating with the hackers could increase the risk that they’ll “go public” about the attack. The FBI advises businesses to notify authorities immediately after a ransomware attack.
Ransomware and other disasters won’t be going away anytime soon. But by having a rigorous process for preventing and responding to an attack, outlined within your disaster recovery plan, you can significantly minimize downtime and your customers won’t even know the difference.