Cryptolocker, Cerber, CryptoWall, Crysis, etc., all variants of ransomware, a problem that has reached epidemic levels. It is easy to see why; it is a billion dollar plus criminal enterprise and the only thing that seems more common than Internet malware artists are the end users who simply cannot resist clicking the link or opening the attachment that gives the crooks the key to their PC and often the enterprise. Kitten pictures and Russian driving videos are simply hard to resist.
How to protect your data from a ransomware attack has been the topic of blog after blog, and numerous vendor marketing campaigns. It usually comes down to three things; educate, secure, and backup.
Educate your users so that they can recognize malicious email and what to do (and what not to do) when they receive it. According to a September Kaspersky Lab report, 20% of significant data loss incidents were caused by employee mistakes or ignorance. Make them understand that a single infection brought into the enterprise by one user can affect files on any network share to which they have access.
Secure your environment with, at a minimum, an up to date firewall, web filtering, email monitoring, and antivirus software. Have a crisis management team that is prepared to respond to incidents. Have a plan for endpoint protection. Kaspersky Lab also claims 42% of small and medium-sized businesses experienced a ransomware incident in the past 12 months, so preparation is a must.
And, the third step, backup. Even when you educate and secure, the possibility of a breach is still present. Users make mistakes and security measures simply cannot always keep ahead of threats designed to defeat them. The FBI reports there have been more than 4000 ransomware attacks daily since January 1, 2016, a 300% increase over the daily number of attacks reported in 2015. It is estimated that more than $1-billion in ransom payments will be made this year, a number dwarfed by the hundreds of billions of dollars in downtime cost. This is why backup is a component in the fight against succumbing to ransomware. If you have a backup you can recover that takes you back to a point in time before the ransomware incident took place, you can get a system and possibly your business back online without paying out the ransom.
So, why are backup vendors trying to scare you? Because backup vendors know if ALL your data is not protected, there is a good chance ransomware will hit you and you will most likely lose data. But, what should scare you more is less than half of ransomware victims fully recover their data, even with backup.
What can you do to make sure you are not on the wrong side of a statistic?
- Protect all of the data you cannot afford to lose
- Think about your recovery points – if you cannot afford to lose data created the morning of a work day, you may need to backup more frequently than every night
- Perform restore tests
Testing restores may seem self-evident, but it is one of the most overlooked, or ignored piece of a business continuity plan. Recently I stood in front of 50 IT administrators and I asked who tested DR. Out of 50, two gave a positive response. Asked why they did not test, the answers ranged from not enough time and too complicated, all the way to not wanting to see the results. Now that is scary, right?
At Unitrends we put recovery and recovery assurance at the top of the list of what we want to make easy for our customers. Unitrends cloud empowered continuity solutions will help you ensure instant recovery should your business come under a ransomware attack. Unitrends recovery assurance provides:
- Simple automation for boot order sequencing (this is what easily gets messed up in a real recovery scenario)
- Network, host, and storage isolation to avoid production impacts
- Out of the box tests for all your major applications to make sure the systems being tested are not just booting but actually assuring REAL application recoverability
Here is the kicker; all of this comes with an insanely simple to understand, business level report that tells your boss, legal department, and anyone else who needs to know that your company’s data can be recovered quickly and completely. This is done on a scheduled basis so that you are not one of the 90% or so who does not test disaster recovery.
Backup vendors will try to scare you by discussing ransomware. But without true recovery assurance, how do you know your backups can be restored? If your backups sit on a platform that is susceptible to ransomware attacks, are you confident they will not be encrypted by an intruder? Cyber criminals are pretty clever and encrypting backups sitting on Windows systems, on attached drives, and on network shares is common. Unitrends uses a Linux based target for backups and extends protection by copying backups to both cloud and removable media. Do not just take our word for it, read our customer, Life’s Abundance, Unitrends success story Beating Ransomware in 2 Hours. Unitrends will remove the fear by assuring recovery.