Hardly anyone needs convincing of the threat of ransomware. Following the recent attacks against the Colonial Pipeline and Kaseya, it’s obvious that ransomware is a clear and present danger to global stability.
And the problem is growing… According to Group-IB, a Singapore-based security firm, ransomware attacks surged by 150% from 2019 to 2020. And while the average ransom was on the order of $170,000, criminal groups like Maze and RagnarLocker started to ask for $1 million to $2 million in some cases.
A report by the Institute for Security and Technology (IST) highlights the numerous ways in which ransomware is disrupting civil society, including:
- National Security – by targeting critical infrastructure, ransomware makes it difficult for all nations to protect themselves and their citizens
- Diversion of Public Resources – in most cases the cost of implementing a full recovery far exceeds the ransom payment
- Loss of Privacy – not only are users lives disrupted but the targeted entity is subject to civil liability
- Disruption of Vital Public Services – education, healthcare, emergency services, energy and transportation are only some of the activities that have been targeted
- Economic Impact – again, not just the ransom but the cost of downtime, remediation and the transfer of wealth from legitimate entities to the black market, where it is used to foment more crime
Backup and Disaster Recovery Services Critical
Whether it’s an offsite disaster recovery solution that includes backups, or the same practices are done in house, it is critical to deploy these tactics in the drive to thwart ransomware. While adequate cybersecurity is the first line of defense, it cannot do the job on its own. Backup is the final layer of data protection. While it cannot prevent a breach, it minimizes the damage by allowing critical systems and data to be restored as quickly as possible. All too often, however, organizations mount what they think are effective backup systems only to find them inadequate in a real emergency.
The Key Elements For Backup Protection
In order to provide appropriate service, a backup system requires three basic elements:
- Regular testing for recoverability: Identify flaws or weaknesses in a backup system is before they are needed. Regular testing helps ensure that systems and data can be brought back online as quickly as possible It also identifies needed upgrades and expansion in a constantly changing data environment.
- Freedom from malware and/or ransomware: Backup systems are just as vulnerable to compromise as anything else, so they must be kept clean.
- Logical and/or physical air gapping: Backups should be protected from network intrusions so ransomware cannot reach them.
When Are Backup Systems Deployed?
Typically, backup systems are called into action for discrete outages. Examples include when files are lost, a virtual machine becomes corrupted or a server hosting multiple VMs goes down. But if a ransomware attack encrypts a large portion of your IT infrastructure, it’s time for a disaster recovery service.
Launching a Disaster Recovery Service
You’ll need a plan devised ahead of time to restore operational capabilities in the correct order. This usually means mission-critical apps are brought back first, and the proper dependencies are reestablished to restore the flow of information. From there, apps are recovered by order of importance. Remember, though, that rehydrating large numbers of apps can take some time, perhaps weeks.
A proper disaster recovery solution does not necessarily require a hot failover site. That said, if you can afford one for your most important workloads, it can really come in handy during a crisis. If you don’t have a failover site, mission-critical apps and their resources can be stored as replicas, which can be quickly transferred to a secondary data center. This usually provides faster uptime and recovery, allowing operations to continue while full restoration and system recovery proceeds.
A proper DR plan does not necessarily require a hot failover site. That said, if you can afford one for your most important workloads, it can really come in handy during a crisis. If you don’t have a failover site, mission-critical apps and their resources can be stored as replicas, which can be quickly transferred to a secondary data center. This usually provides faster uptime and recovery, allowing operations to continue while full restoration and system recovery proceeds.
Both backup and disaster recovery are highly specialized fields with skill sets that typically do not fall under general IT disciplines. This is why even large companies turn to experienced disaster recovery offsite providers who are able to handle cloud disaster recovery among other services. These experts know the ins and outs of data protection and restoration. In most cases, they can provide superior service and at a lower price point than homegrown solutions, both in the day-to-day management and testing responsibilities and in those rare times when the system is put into motion.
CyberFortress provides industry leading backup and data recovery solutions and leverages tools like Veeam ransomware protection to keep clients safe. To extend our help, we are offering an ebook, The CyberFortress 3-2-1 Data Protection Blueprint: Offsite Backup, Disaster Recovery & The Cloud which goes in depth about backup and ransomware among other topics. To learn more, download for free and checkout chapter two which builds on the material discussed.