Another day and another 90,000 infections of ransomware
A quick search online reveals three new press articles today alone about the threats, yet how many attackers are paid for quietly by companies who cannot allow any form of perceived security weakness to enter the public domain.
The answers to combat ransomware attacks are by now fairly common, repeated many times by many people.
- Ensure the IT department and communication team are in sync, continuous user training is vital to emphasise the importance they play in the company in security and the risks when receiving unexpected emails.
- Keep all security systems and virus controls up to date at all times.
- Practise the isolation procedure, in the same manner, you would have a fire drill to evacuate the building, time to act and isolate an incident saves files.
If you do suffer an attack, paying the fee could restore access to mission-critical data, but there’s no guarantee. Also, you’ve just made yourself known to your attacker and open to repeat attacks.
The absolute best advice is good off-site backups
Backups are key for those unfortunate enough to get hit, and those backups should be kept separate from your computer or company network, so they aren’t infected by any attack. Backups however only take you back to the last good backup, maybe last night? Maybe a few days ago? For some businesses this loss of productivity too disruptive and too costly.
So, why not enhance your position with a complete DR solution in the cloud, continuous data replication to protect your site, applications, servers and files?
The technology that was designed to provide amazing recovery (RPO / RTO) times for whole site Disaster Recovery can also be used for file recovery and costs much less than you would think.
Systems are protected with Continuous Data Protection in the form of incremental block-level replication and when combined with a Journal gives the ability to re-wind individual files to any point-of-time within up to 14 days ago within a matter of seconds.
Now a virus infection can be isolated and any infected files recovered back quickly from a cloud backup that occurs seconds before the virus attacked and encrypted the files. The exact same recovery point that paying the ransom would achieve without the risk and cost.