A quarter of IT professionals either don’t know or don’t think Microsoft 365 data can be impacted by a ransomware attack, research from Hornetsecurity has claimed.
In addition, 40% of IT professionals that use Microsoft 365 in their organization admitted they do not have a recovery plan in case their Microsoft 365 data is compromised by a ransomware attack.
Though many of the less advanced ransomware variants can only encrypt targets such as Windows file libraries, many variants can encrypt data that is stored inside SaaS (Software-as-a-Service) applications like Microsoft 365.
Ransomware knowledge gap
The firm’s research, which surveyed over 2,000 IT leaders, also revealed several other findings related to ransomware.
In 2022, 24% of those surveyed said they have been victims of a ransomware attack, an increase from 21% in the previous year. In 2021, 16% of Hornetsecurity’s respondents reported having no disaster recovery plan in place, howevever in 2022 this grew to 19%, despite the rise in attacks.
The survey also showed that more than one in five businesses (21%) that were attacked either paid up or lost data, and that 7% of IT professionals whose organization was attacked paid the ransom, while 14% admitted that they lost data to an attack.
If you’re interested in learning more about the type of ransomware protection that Microsoft 365 provdies as standard, the company’s guide can be found here (opens in new tab).
“Attacks on businesses are increasing, and there is a shocking lack of awareness and preparation by IT pros. Our survey shows that many in the IT community have a false sense of security. As bad actors develop new techniques, companies like ours have to do what it takes to come out ahead and protect businesses around the world,” said Daniel Hofmann, CEO at Hornetsecurity.