Why encrypted backups may fail in an AI-driven ransomware era

Backups are a long-standing best practice: three copies, two on different devices and one off-site. For decades that 3-2-1 strategy has been the baseline for protecting data, and many administrators rely on a mix of local servers and cloud storage to safeguard information.

Generative AI has changed the threat landscape. AI agents can probe and tunnel into networks at scale, and malicious actors can deploy them widely. Those tools make stealth, evasion, and long-term residence inside systems far easier than the old smash-and-grab ransomware model.

That shift puts backups squarely in the attackers’ crosshairs. Veeam’s 2025 survey found 93% of ransomware attacks target backups and 34% of organizations said their backups were modified or deleted. Even when victims pay—Veeam reported 64% paid ransoms—only 47% recovered their data while 17% still could not.

encrypted backups, ransomware, generative ai, ai agents, 3-2-1 strategy, cloud storage, veeam survey, backup deletion, ransom payments, data recovery