Maxim_Kazmin - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Ransomware protection best served by backing up your data

A recent survey illustrates how extensive ransomware threats have been, and Rich Castagna says backing up data remains your best defense

This article can also be found in the Premium Editorial Download: Storage magazine: A dozen data storage vendors to watch in 2017:

Haven't tested that disaster recovery plan in a while? What about checking to see if your backed-up data is actually recoverable if needed?

If your answer to either of those questions is anywhere close to "We tested before the Cubs won the World Series," you're probably not sleeping all that well these days. And if you are, you shouldn't be. As if hurricanes, earthquakes, snowstorms, fires, floods and felonious activities weren't enough to get your DR dander up, toss in the current ransomware rage and suddenly no backup or disaster recovery plan seems adequate.

A recent report conducted by endpoint and server security app vendor SentinelOne painted an alarming picture of most companies' vulnerability to ransomware attacks and their apparent lack of ransomware protection. In fact, the survey data -- collected from IT shops in the U.S., the U.K., France and Germany -- revealed that nearly half of the responding companies had already been victimized by ransomware at least once. The rate of attacks was consistent across all of those geographies. Ransomers also proved to be equal-opportunity interlopers going after small, midsize and large companies at about the same rates, and showing little preference for any particular industry verticals.

The message is clear: If you've got data, look out.

Survey says

I'm sure the companies that manage to survive ransomware attacks did so because they had current data stashed away somewhere, and they are now toasting the often-maligned backup gang as heroes.

Most ransomware gets into your systems by evading antivirus or other security to directly strike at your company's weakest links: users. Email and social media phishing accounted for a whopping 81% of the attacks documented by the survey, followed by clicking on infected or hijacked websites (50%). Best defense when it comes to ransomware protection? You could take away their computers, tablets and phones and unplug the internet. Sure, and you can move company headquarters to a cave in the Himalayas.

Some of the survey respondents (45%) said they were able to reverse the effects of their attack by decrypting the encrypted data. I don't know all that much about security, but from what I've seen with some of these ransomware events, that's a pretty miraculous achievement. But 25% of the ransomers' prey reported they were able to survive the attack because they had recoverable current backups of the encrypted files.

It didn't really require a Herculean effort to recover those backed-up files, either. On average, it required 33 employee hours to get back to business with clean data. Nearly half of respondents (48%) needed even less time to set things right.

Losing data is pretty bad, but some businesses lost even more than that. Thirty-seven percent felt their companies' reputations were tarnished as a result of the event, and 22% said that a high-level head or two got chopped because of the infraction. But most reported that they ended up spending more money for better security (67%) or even cyberinsurance (15%) to provide ransomware protection.

A toast to backup

If you think encrypting everything will provide ransomware protection, think again.

Interestingly, the survey on ransomware protection, or lack thereof, apparently didn't provide another option for that question, that of backup and disaster recovery. I'm sure the companies that managed to survive ransomware attacks did so because they had current data stashed away somewhere, and they are now toasting the often-maligned backup gang as heroes. And those who didn't make out as well are likely looking at ways to improve their data protection practices.

You knew I wasn't going to stray too far from storage, didn't you? But the truth is that good storage practices and effective data protection are the only things standing between your company losing its data or paying a big price to get it back. And it really is all about backup and DR. If you think encrypting everything will provide ransomware protection, think again. Some encryption algorithms can encrypt already encrypted data -- try saying that three times fast, but don't bet on it working.

These attacks can be crippling to a company, and the more data that gets tied up, the more serious the consequences. But with a copy or two of current data nestled safely in the cloud, you might not just save your company's -- and your -- neck; you could end up being a hero. Pretty cool for a backup guy, eh?

Next Steps

Does backing up data frequently help ransomware recovery?

Smart employees can stop a ransomware attack

Be wary of cloud-based ransomware attacks

This was last published in January 2017

Dig Deeper on Data backup security

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

4 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What systems and processes are you using to protect your data against ransomware attacks?
Cancel
It is so critical to find a good backup solution that can prevent your data from being corrupted and secondly be able to recover your data if it has become corrupted from a ransomware attack.  
Cancel
Backups and SAN snapshots saved multiple ransomware attacks at the last two places I worked.  The biggest issues is getting users to help identify the breadth of the attack so that everything can be recovered before recovery points age out or are sent off site.
Cancel
Time is essential when it comes to your files being corrupted. The only way to save time and money is to have a back up solution in place. Do not be a victim of a Ransom. If you have a DR solution in place you can recover file with out paying any ransom or losing any data. Please protect your self! 
Cancel

-ADS BY GOOGLE

SearchSolidStateStorage

SearchCloudStorage

SearchDisasterRecovery

SearchStorage

SearchITChannel

Close