Develop a powerful data backup strategy with our free Office 365 Backup Handbook. Download here!
Imagine this scenario:
After a long day in the office, you finally arrive home following a lengthy commute. With a hefty sigh—as substantive as the amount of work you put in that day—you fire up your laptop as you rummage through your fridge considering what to prepare for dinner. You purposefully grab a pot, fill it with water and a pinch of salt, then throw it on the stove.
As you come back over to your laptop to enter your credentials, you see a red screen with various numbers, counters, and text. As your jaw drops along with the wooden spoon in your hand, you carefully read the text and realize—
You’ve been hacked.
You think “What’s happening? What can I do? How much time do I have?” Clearly some intrusion has occurred and something stolen, but what is it? What have I lost?
One part of the screen reads “Your files have been encrypted. Any attempts at retrieving your documents, photos, videos, and data are futile. Without our decryption key, they can’t be restored.”
The water on the stove starts to simmer.
Another part of the text reads, “If you submit payment within 72 hours, we will decrypt your files and you can return to business as usual. After 72 hours your price will double, and if we don’t receive a payment within seven days you’ll lose your files forever. Please send 1 BTC to 1F1tAaz5x1HUXrCNLbtMDq immediately.
Bubbles appear at the bottom of the pan as the water starts to steam.
Now in full panic mode, you ask yourself, “What’s BTC? Is 1 a lot? Wait, is this bitcoin? Didn’t that market crash? It must only be a few hundred bucks by now…”
After a cursory Google search, you see bitcoin has exceeded $9,000! All of that just to retrieve your files!?
The water comes to a roaring boil.
Facts and figures
You wouldn’t be to blame if you thought ransomware had faded out of the tech security spotlight; ransomware infections in 2018 were actually down 20% from the previous year according to Symantec’s 2019 Internet Security Threat Report (ISTR).
However, don’t let this statistic fool you. 2017 was a record year, and in 2018 there were still more ransomware attacks than in 2016. And to top off this entrée of alarming statistics, there’s actually been a 12% rise in enterprise targets and a 33% rise in mobile attacks in the past year. It is now more important than ever, to manage and protect your digital assets.
What is ransomware and how does it work?
Ransomware is a type of malware that infects a computer system/network and locks up file(s) using strong encryption. The hackers then demand payment from victims to unlock these files. Like with other low-end (and easy to execute) attacks, they often infect systems through phishing emails or other methods that have victims run an executable.
It’s common for this malware to target Microsoft Office, Adobe, and other business application file extensions— especially in enterprise attacks—since these would likely cause the greatest business disruption.
What can I do to protect myself?
There are several options for maintaining your strongest security posture. Prevention strategies encompass everything from network and infrastructure-level considerations to end-user behavior.
From a network and infrastructure perspective, deploying firewalls and employing content scanning and filtering on your inbound emails is highly recommended.
If away from a trusted network—such as public Wi-Fi—leverage a Virtual Private Network (VPN) to keep all data communications secure.Looking for reputable info on ransomware and how to stay protected? Check out this article:: Click To Tweet
From an end-point perspective, use security software. Keep it up-to-date by updating your operating system and other software as frequently on possible. You should also never automatically open email attachments or run macros from untrusted sources.
From a content management perspective, backup your critical files to external sources. An external hard drive is a viable option here, as are several secure, accessible, and industry-standard cloud services.
By having a working, uncorrupted, clean copy of your data, you are essentially removing leverage a mal-actor can have over you and your organization.
How can cloud solutions help keep me protected?
Cloud backup solutions keep your files secure in the cloud and allow you to access them anytime, anywhere; all you need is an internet connection. They also offer protection in the form of encryption provided by your Cloud Service Provider.
For instance, if you’re backing up to Microsoft Azure, you’ll have 256-bit AES encryption through Microsoft Azure Encryption for data at rest. Additionally, there are some cloud solutions that maintain version control as well as keep multiple backups that occur at scheduled times throughout the day. These solutions allow you to execute time-based restores, which give you the ability to restore the version of the data you need to keep your business running.
As important as backup is in the fight against ransomware, it’s also important to remember just how capable the restore capabilities of certain data loss mitigation solutions and strategies are. Without multiple time-based backups end-users, admins, and IT organizations face two major constraints:
- Being unsure if the files you’re about to restore are uncorrupted and uncompromised, and
- Risking losing any amount of progress by having to restore a significantly out-of-date file.
Having a cloud solution that has multiple backups lets you identify the precise point-in-time to restore your data. Naturally, this allows you to minimize any progress/updates lost to your assets!
Cloud backup and recovery is just the first step of many in your fight against mal-actors. There are several steps you can take to minimize your chances of falling victim to a ransomware attack, and reduce the impact to business continuity. If you have any additional questions or comments please leave them below!