A Cybereason report shows that 49% of enterprises who pay the ransom either get only part of their data back, or none at all
By Ning Yun, Director of Data Storage Department of Huawei SAR (Huawei.com)
Ransomware is striking at an alarming rate. Information technology research and consultancy company Gartner predicts, by 2025, at least 75% of IT organizations will face one or more attacks. Refined hacking tools and extortion strategies have made ransomware the biggest threat to individual, enterprise, and national data security.
Constant ransomware attacks cause huge damage
When ransomware strikes, it steals and encrypts valuable data. Encrypted data can be decrypted only by paying the hackers a ransom. Hackers, working through darknets, usually demand Bitcoin to make the payment as difficult as possible to trace. The damage ransomware creates is great, as are hackers’ profits.
According to leading investment consulting firm Cybersecurity Ventures, by 2031, ransomware is expected to attack a business, consumer, or device every 2 seconds. In 2021, this number was only 11 seconds. Even at that lower frequency, that same year, global ransomware damages reached US$20 billion — 61 times more than in 2015 (US$325 million). The largest ransom — so far — was US$70 million. But do ransoms solve the problem? No. A Cybereason report shows that 49% of enterprises who pay the ransom either get only part of their data back, or none at all. 80% of enterprises who pay the ransom are targeted a second time. Ransoms are also not the only problem: ransomware damages brands, causes long service interruptions, exposes enterprises to legal liability, and more. Such collateral damage can be enormous: as much as 23 times the ransom.
In March 2021, hackers encrypted 15,000 devices belonging to an insurance corporation. Vast numbers of customer data files were at risk of being leaked. The company paid US$40 million to retrieve the data.
In May 2021, ransomware halted all the operations of an oil pipeline giant for 11 days. Gasoline prices in the country rose to their highest level in seven years, leading to panic buying. The company paid a ransom of US$4.4 million.
In April 2022, a leading car manufacturer had to cut its annual production by 500,000 vehicles following an attack on its suppliers which resulted in a 1.4 TB data leak.
In May 2022, two attack waves caused a country to declare a cyber security emergency. They damaged basic services like healthcare, and even international trade.
There are many more examples. Hackers target large, high-value enterprises and industries. Government, energy, transportation, finance, manufacturing, and healthcare are their main objectives, but no one is safe.
Ransomware trends to know
Ransomware is extremely good at disguise. It has many ways to get into your system, for example storage, phishing emails, Trojans, social networks, and malicious insiders. It is difficult to detect and defend against. A typical attack encrypts or deletes all local data copies and can even target disaster recovery (DR) centers, making it impossible to quickly restore data. What follows, according to a ZDNet report, is an average of 16 business days system downtime. The average cost to recover from an attack, calculated by Sophos, is US$1.85 million.
There are four important ransomware trends:
Hackers focus on large enterprises and infrastructure
Instead of launching broad campaigns, ransomware attacks now increasingly focus on high-value targets. The research that hackers need to do for this approach to work is difficult, time-consuming — weeks or even months! — and expensive, but the potential profits make it worthwhile. Elaborate attacks make even previously well protected organizations potential victims, and also threaten government departments.
Ransomware as a Service (RaaS)
Rapid development of network and information technologies as well as encrypted digital currencies has created a hotbed for malicious actors. Ransomware operators now sell ransomware-related services to other attackers through customized solutions, memberships, or subscriptions. This lowers the barrier to entry for launching ransomware attacks, resulting in explosive ransomware growth.
Double extortion becoming the new normal
Ransomware is not limited to encrypting data and demanding ransoms. Attackers also steal data, and threaten to leak it. Even if an enterprise has a recent backup, it still cannot risk a leak of confidential information and subsequent public scrutiny and compliance proceedings.
A typical attack encrypts or deletes all local data copies and can even target disaster recovery (DR) centers, making it impossible to quickly restore data
APT-like attack capabilities
Advanced Persistent Threat (APT) refers to a complex continuous network attack customized by expert attackers to take full advantage of a victim’s vulnerabilities. Ransomware attacks, featuring greater and greater precision and planning, are beginning to show a strong resemblance to APT attacks.
Data security needs
Complex ransomware poses a great challenge for many current defense measures. Traditional data security protection focuses on the network (such as the firewall and security gateways) and on hosts to prevent ransomware intrusions and limit spread. This, however, neglects ransomware’s ability to disguise itself and lurk in the system for a long time in order to get access permissions to a large volume of key data. In other words, once the system is infected, traditional data security protection is useless. A better solution is needed.
The Defense-in-Depth framework developed by defense contractor Northrop Grumman provides good ideas on how to move forward and build stronger protection. This approach to cybersecurity features five defensive mechanism layers: perimeter, network, endpoint, application, and data security.
Perimeter and network security protection, established at the network layer, defends using firewalls, sandboxes, and situation awareness.
Endpoint and application security protection, established at the host layer, defends using access control, security patches and audits, and antivirus software.
The last layer, data security, is where data storage comes in. In the modern, digital age, data storage needs to do more than just store data. It needs to serve as the last line of defense: protect data with anti-tamper technologies, detect abnormal I/Os generated by ransomware, and prevent data leaks using encryption technologies. In addition to all this, it needs to ensure it is possible to recover clean, uninfected data by keeping data copies in backup storage and in a physically isolated zone.
Building powerful ransomware defense with professional storage
Providing dual protection with production and backup storage, Huawei ransomware protection storage solution uses four key technologies to build a complete solution which prevents viruses from hiding and stealing or tampering with data: ransomware detection, data anti-tampering, air gap replication, and end-to-end data encryption. Let’s take a look at why dual protection and the four key features are so effective:
Dual ransomware protection with both primary and backup storage
In this solution, both primary and backup (OceanProtect Backup Storage) storage provide all-round ransomware protection features, ensuring the system always has a clean data copy for quick service recovery. OceanProtect Backup Storage also provides an ultra-fast recovery speed: up to 172 TB/hour, five times faster than the benchmark in the industry. This helps enterprises slash service downtime and economic losses.
Four key technologies for comprehensive protection
Ransomware detection (ransomware has nowhere to hide): Huawei ransomware detection and analysis feature delivers 99.9% accuracy for production and backup storage before, during, and after attacks. Before an attack, the storage works to intercept ransomware before it has a chance to strike. If an attack does still occur, the storage acts quickly to secure the system, working with security devices such as firewalls to isolate hosts that send abnormal I/Os, preventing ransomware from spreading to other hosts. After the attack, the storage examines data copies to ensure they are clean.
Data tampering prevention (data cannot be modified): WORM file system and secure snapshot technology block file tampering. The WORM system supports setting a protection period, preventing modification or deletion of production or backup data for the duration of the period. Read-only secure snapshots provide similar protection: they do not allow deletion or modification of data during a configured protection period.
Physical isolation (clean data copies are physically isolated): Air-gap technology enables storing a clean copy of production and backup storage data in a physically isolated zone. Even if — unlikely though it may be — both production and backup storage are compromised, the isolation zone will have a clean copy that can be used to quickly restore services. Setting the replication Service Level Agreement (SLA) will automatically replicate periodic data copies from the production or backup storage to the isolation environment. Since the replication link is active only during replication, the possibility of ransomware accessing data in the isolation zone is relatively low. For added security, the isolation zone storage also features multi-layer data protection, supporting anti-tamper features such as secure snapshots.
End-to-end encryption (data will not be leaked): Huawei storage ensures zero data leaks on the storage transmission network and storage through encryption of: protocol, production and backup storage, air-gap replication link, and remote replication transmission of data and backup copies. Even if hackers break the storage or intrude the storage network, they have no access to the confidential data thanks to the encryption deployment.
End-to-end encryption (data will not be leaked): Huawei storage uses end-to-end encryption technology to ensure no data leaks either on storage devices or on the storage transmission network. The encryption covers protocol, production and backup data, the air-gap replication link, and remote data replication. Even if hackers manage to enter a system, they will not crack confidential data.
Defending against ransomware
Huawei’s ransomware protection storage solution is working 24/7 around the world for large customers in energy, finance, transportation, manufacturing, and government.
Better safe than sorry. Installing ransomware protection after the fact is too late. A comprehensive ransomware protection storage solution is the best way to stop or mitigate ransomware.
For more information about how you can build powerful defense for your data, visit our website (https://bit.ly/3RRI74g).
![Canon’s RF/EF lens production exceeds 170 million units, extending its world record in interchangeable lens production Both EF and RF lenses have gained strong support from a wide range of users—from beginners to professionals—leading to steady growth in production volume Canon Inc. announced that, in October 2025, Canon reached a historic milestone of producing a cumulative total of 170 million RF and EF interchangeable lenses for its EOS series, extending its world record for the highest number of interchangeable camera lenses ever produced. The EF lens was introduced in 1987 as the dedicated lens system for Canon’s EOS autofocus single-lens reflex film camera, debuting simultaneously with the EOS system itself. Since their inception, EF lenses have led the industry by incorporating a series of world-first technologies, including the Ultrasonic Motor (USM), Image Stabilizer (IS) technology, and a multilayered Diffractive Optical (DO) element, and have undergone numerous evolutions. In 2018, Canon launched the RF lens series, designed for the EOS R mirrorless camera system, which features a large aperture, short back focus, and high-speed communication system to deliver even higher image quality. The RF and EF lens series lineup now includes a total of 108 models , covering a wide range of focal lengths from ultra-wide 10mm to super-telephoto 1200mm. The series also includes the world’s first VR lens lenses with built-in power zoom suited for video shooting, and even those compatible with power zoom adapters—expanding the scope of creative expression and meeting the diverse needs of users for both still photography and video. EF lens production began at Canon’s Utsunomiya Plant in 1987. Since then, both EF and RF lenses have gained strong support from a wide range of users—from beginners to professionals—leading to steady growth in production volume. Today, Canon manufactures lenses at five sites: Utsunomiya Plant; Canon Inc., Taiwan; Canon Opto (Malaysia) Sdn. Bhd.; Oita Canon Inc.; and Miyazaki Canon Inc. Milestones include 10 million units produced by 1995 and 50 million by 2009. Then in 2014, Canon became the first company in the world to reach 100 million interchangeable camera lenses produced. In October 2025, the company reached 170 million units, leading to the achievement of this world record. The 170 millionth lens produced was the RF 70-200mm F2.8 L IS USM Z. Canon has maintained the No.1 global market share for digital interchangeable-lens cameras for 22 consecutive years since 2003. Moving forward, Canon will continue to refine its proprietary imaging technologies and further strengthen and expand its lens lineup, pioneering new imaging possibilities and contributing to the continued evolution of photographic and video culture. Highlights in the development of the RF/EF Lens Series The EF lens, which was introduced alongside EOS in March 1987, has adopted a variety of world-first technologies, including Image Stabilizer (IS) technology, featured in the EF 75-300mm f/4-5.6 IS USM released in 1995; a multilayered Diffractive Optical (DO) element, used in the EF 400mm f/4 DO IS USM launched in 2001; and Subwavelength Structure Coating (SWC) [7], applied to the EF 24mm f/1.4L II USM released in 2008. In 2021, Canon launched the EOS VR System, a VR video system consisting of a mirrorless camera [8], dedicated lens, and PC software, thereby creating a 3D 180° VR video through an interchangeable lens camera. In 2024, Canon began rolling out a new series of hybrid lenses equipped with iris rings, designed to meet the needs of both still photography and professional video production. For zoom lenses, the company has also launched RF 24-105mm F2.8 L IS USM Z and RF 70-200mm F2.8 L IS USM Z which are compatible with power zoom adapters. For single focus lenses, the company released F1.4 L hybrid prime lens series that unified the size and ring and button position across models. In September 2025, Canon launched RF 85mm F1.4 L VCM, the fifth model in this series, demonstrating that it can meet demands in line with the changing times. [1] Includes EF, EF-S, EF-M, EF Cinema, RF, RF-S, and RF Cinema lenses and extenders. As of October 21, 2025 (according to a survey by Canon) [2] Among SLR cameras (according to a survey by Canon) [3] Number of products sold as of October 22, 2025 (including extenders). The number of lens models for sale is different according to market figures. [4] Focal length is 5.2mm to 1200mm when including VR lenses [5] An interchangeable digital camera lens that enables VR footage with a single camera. Among interchangeable lens digital cameras released as of October 5, 2021 (according to a survey by Canon) [6] Refers to unit share (according to a survey by Canon) [7] A special coating with advanced anti-reflective properties [8] For applicable cameras, please visit the official Canon website *Release dates in this document refer to dates in Japan. Canon Central and North Africa (CCNA) is a division within Canon Middle East FZ LLC (CME), a subsidiary of Canon Europe. The formation of CCNA in 2016 was a strategic step that aimed to enhance Canon’s business within the Africa region - by strengthening Canon’s in-country presence and focus. CCNA also demonstrates Canon’s commitment to operating closer to its customers and meeting their demands in the rapidly evolving African market. Canon has been represented in the African continent for more than 15 years through distributors and partners that have successfully built a solid customer base in the region. CCNA ensures the provision of high quality, technologically advanced products that meet the requirements of Africa’s rapidly evolving marketplace. With over 100 employees, CCNA manages sales and marketing activities across 44 countries in Africa. Canon’s corporate philosophy is Kyosei – ‘living and working together for the common good’. CCNA pursues sustainable business growth, focusing on reducing its own environmental impact and supporting customers to reduce theirs using Canon’s products, solutions and services. At Canon, we are pioneers, constantly redefining the world of imaging for the greater good. Through our technology and our spirit of innovation, we push the bounds of what is possible – helping us to see our world in ways we never have before. We help bring creativity to life, one image at a time. Because when we can see our world, we can transform it for the better.](https://businessinsights.africa/wp-content/uploads/2026/05/1.-Canon-EOS-R50-Mirrorless-Camera-for-Beginners-1024x764-1-100x70.jpg "Canon makes history with 170 Million lenses milestone")
