How to Do Data Protection Against Ransomware
Malware and cybercrime: a match made in heaven. But it's the malware that makes it so darn difficult to prevent. Between viruses, worms, adware, spyware, etcetera... the IT manager has a near impossible task of data protection through blocking, routing, zoning, and scanning for threats and weaknesses in the company's network and software systems.
Ransomware, however, can be especially debilitating, depending on the strength of the attacker's resolve and the strength of your negotiator. Such an attack basically involves a program being installed, through a worm or virus that carries the program, on a computer and then locks it down thereby suspending any activities on the computer. No one is able to operate or bypass it unless they respond to the demands displayed on the screen – usually for vast sums of money.
Attackers Don't Discriminate
This was recently demonstrated when the Hollywood Presbyterian Medical Centre in the US was caught unawares and held to ransom for its fortune (since Presbyterian hospitals are obviously rolling in it). Sadly, this affected operations at the hospital for more than a week while officials scrambled to collect the bitcoins that were being extorted. News reports are unclear whether it was for the value of 17 000 USD or 3.4 million USD, but the point is, they had to pay up.
Complying with attackers' demands is usually the path of least resistance, and has a fairly predictable result. Unfortunately, you end up on the losing side of this little power play. So a far better approach would be to even out the odds between you and the attacker by being prepared. Besides the blocking, routing, zoning, and scanning for threats, an effective data protection solution will save the day.
A Better Data Protection Solution
Tip 1. By keeping regular backups of your systems, with as short an interval between backups as is practically possible (i.e. having a low Recovery Point Objective/RPO), a recent copy of your data will always be available. Consider a cloud-based backup solution if you don't want to shell out for the purchase and maintenance of data storage. Otherwise, just make sure you keep the latest copies of your most important information on site.
Tip 2. But having the backups is only as good as being able to restore them. Proper data protection also means that you'll need the right infrastructure in place to facilitate data recovery as quick as possible (i.e. a low Recovery Time Objective/RTO). A cloud-based data protection solution will also ensure that your data is kept off-site and out of harm's reach.
Tip 3. Whether your backups are kept on the premises or off-site, regularly test your data protection solution for integrity and completeness. This will ensure that when the time comes, you'll have the right data at your disposal and you'll know that your data recovery will be effective.
The bottom line is, by recovering systems in this fashion you'll essentially be overriding any malware infection and getting your IT systems to a working state once again.