The last 12-18 months have seen ransomware evolve from a relatively small hacker operation into a global IT epidemic, and one of the most dangerous security threats facing enterprise organizations today. Ransomware protection and mitigation planning is now a vital element of business continuity strategies in the enterprise. In this blog post we’ll examine how organizations can best prepare for a ransomware attack, which is becoming an increasingly common disaster scenario for businesses worldwide.
The Threat of Ransomware
Ransomware is malware, most commonly delivered through a web exploit or spam mail, with which the attacker encrypts the victim’s data or uses other approaches to extort money from the victim. In some of those other approaches, cyber-criminals use ransomware to copy data out of a network in order to sell it to third parties.
Some recent data points support the claim that this severe threat is indeed turning into a global epidemic:
In all of 2015, estimates are that victims of ransomware internationally paid $24M USD in ransomware payments.
In comparison, just in the 1st quarter of 2016, victims paid as much as $209M USD to cyber-criminals!
We can see this trend reflected in our own customer base. Nearly 50% of CTERA customers surveyed indicate that they’ve been a victim of a ransomware attack. We now have a number of case studies that we can publicly discuss, thanks to CTERA customers who feel they must come forward and educate the market about the severity of ransomware attacks and how to apply appropriate countermeasures.
One such example is a large U.S. construction firm that had all of its current contract work and all previous project files crypto-locked by hackers, who demanded $100K for their data. In addition, the breach encrypted $200M USD of future project data. Without proper remediation, they might not be in business today. You can read the full case study here.
Cybercriminals prey on the weak and unprepared, and exploit all sorts of security breaches. The only way we can put an end to this epidemic is by building the right safeguards that reduce enterprise vulnerability.
Two key countermeasures are:
1. Secure your perimeter to minimize the chance of breach
Regularly patch your operating systems to keep them up to date and close security holes. Even more importantly, train and educate employees on ransomware, disable macro scripts in office files transmitted over e-mail, and limit access to critical and rapidly changing datasets to need-to-know users only.
2a. Back up all files and systems
Even the best firewall providers are challenged to keep pace with hackers, and one great way to avoid paying ransom to recover from crypto events is backups. So back up your endpoints, back up your file servers, and implement lightweight, optimized data protection tools that minimize recovery points.
Despite the relatively large recovery point, data protection tools (‘backups’) will always play an instrumental role as a ransomware countermeasure, in large part due to backup software’s ability to recover full systems and system profiles.
The philosophy you should employ is to back up everything. You’ll want to recover desktops and servers without herculean recovery efforts, and modern backup tools can make it simple for users to protect their devices and data quickly and non-obtrusively, while making it just as easy to recover in the event of a malware infection.
2b. Roll Back to Your Company’s Most Current Data Using Sync
Combine the backup strategy in step 2 with file synchronization tools to create a business continuity solution that lessens the damage of a potential attack. While backup solutions enable organizations to roll back to a point where their systems were non-infected, the rollback itself can erase hours, days, or even weeks of productivity. For larger offices with hundreds or thousands of employees, the productivity lost can be in the millions of dollars. Modern file sync and share tools enable organizations to dramatically reduce file versioning intervals and minimize data loss.
Don’t be Held for Ransom! Tips for Preventing Ransomware
Watch this on-demand webinar with Seth Bobroff, Marketing at Western Digital, and me as we highlight four tips for preventing ransomware attacks and the critical role storage can play.
In the webinar, we will discuss:
Where are cyber attacks coming from?
4 tips for protecting your environment against ransomware
A secret tip…why object storage is a more secure storage solution