COVID-19 and Ransomware: Are your backups ready in case of an attack?
BY: STEPHEN NOWICKI-Guest Blogger
With the drastic changes that our society has felt on a global scale since the onset of the COVID-19 pandemic, it's no secret that a 'new normal' is materializing in real time. Organizations have had to rapidly adapt to remote working models on a moment's notice. This change has also inadvertently created a haven for hackers to take full advantage of potentially vulnerable systems and unsuspecting workers with a significant rise in phishing and ransomware attacks with COVID-19 rhetoric as the primary hook to lure people in. We published a post a few years ago on what to look out for in the event of a ransomware attack and the precautions are no different today.
In 2017, the WannaCry ransomware attacks affected more than 150 countries worldwide. With the threat of more attacks to come, we wanted to share some important reminders on how to protect your data from the dangers of ransomware.
Computer-related crime is becoming increasingly hostile.
This recent surge in ransomware attacks against organizations of all sizes has added a new sense of urgency to ever-increasing security worries while taking steps to ensure their data is protected from cyber extortion. Many studies report that since 2015, the threat of ransomware has increased by 165%.*
Ransomware is malicious code that uses advanced encryption algorithms to block system files and the attacker demands payment in exchange for the key that can decrypt the blocked content.
Protecting your data from cyber attacks
There are many ways to help protect your company against the latest ransomware attacks. However, attacks are evolving in complexity and should other security measures fail, leveraging an uncontaminated backup could become your last line of defense.
There’s no protection from ransomware without a secure backup
Beyond isolating the attack, one of the first questions a security professional will ask you when you report a ransomware attack is whether you have secure backups available. The good news is that there are some basic steps to protect your company and your data from the threat of ransomware.
These best practices will help you get started:
1. Backup all your data: Ensure you are backing up all your important data, including distributed data.
2. Architect your backups: Ensure your backups are architected properly to include backups off of the production network. Air Gap backups are recommended to be part of the backup scheme. You’ll also want your backup to be sent to a separate system than your current operating environment. There are many available options to achieve this today. However, understanding the implications of options for your data and security such as replication, cloud storage, disk versus tape is complicated.
3. Have strong backup policies in place: Ensure you have effective backup retention policies. Malware can linger and if discovery is delayed, there is an advantage to having backups available longer or more copies of backups than you may have traditionally thought required based upon compliance.
4. Isolate your backups: Develop a strategy and operation plan for restoring systems from scratch should malware be detected on machines. You likely will have differing processes for physical servers, virtualized servers and workstations.
5. Keep copies handy: Revisit replication versus backup to ensure an air gap copy of data exists.
6. Don't forget to test: Test your backups and media regularly (quarterly). Although there is software and media based error reporting notifications, the only way to ensure a backup works is to test it. Periodic exercising of your restore process operational plan should be carried out to ensure it’s still functioning after software/firmware changes, version updates, etc.
Thank you to our RHBOT Guest Blogger.
Network Practice Lead, Sentia
Stephen Nowicki has over 20 years’ experience in IT with a focus on Networking. He is Sentia’s Network Practice Lead and Technical Leader focused on helping customers achieve business goals. He has been a trusted advisor to many large and medium enterprises across business verticals including financial, manufacturing, health care, high-tech and media.
If you need help to re-evaluate your back-up strategy in the face of current ransomware threats amid COVID-19, Sentia can certainly help.
Phone (647) 417-3592 Toll-Free 1 (866) 610-8489
Contact Sentia https://www.sentia.ca/Contact-Us/Request-a-Conversation