Have you been hit by ransomware recently? According to a recent survey by CyberEdge, the most reliable approach (by far) to defending against ransomware is proactive rather than reactive. That is to say, having a robust backup and disaster recovery system in place is far more likely to result in minimal disruption and data loss than trying to pay the criminals in the hopes that they do the ‘honourable’ thing and decrypt your critical data. For the report, CyberEdge surveyed IT security professionals and found that more than half (55%) had been hit by ransomware in 2017. The study found that of those who had prepared for ransomware using backups and other business continuity procedures, 86.9% were able to successfully recover their data. However, of those who didn’t have backups to rely on and instead paid the ransom, only 49% actually had their data decrypted and recovered.
Thinking of paying ransomware demands? Think again, as less than half of ransomware payments result in successfully decrytped and restored data.
“It’s like flipping a coin twice consecutively – once to determine if your organization will be victimized by ransomware, and then, if you decide to pay the ransom, flip it again to determine if you’ll get your data back,” according to a representative from CyberEdge. “The clear lesson here is the critical importance of maintaining up-to-date offline backups.”
Spain had the highest rate, with 80 per cent of respondents reporting malware, followed by companies in China (74 per cent) and Mexico (71.9 per cent.) In the US, 53.8 per cent of respondents were hit by ransomware, while slightly under half of those in the UK, 49.5 per cent, were hit.
There are two main reasons why paying a ransom isn’t such a good idea. Firstly, the age old adage “no honour among thieves” – when you pay a ransom, you are relying on criminals keeping their word to restore your data, which isn’t always the most reliable thing to do. Secondly, the criminals may not always have the technical ability to restore the encrypted data, even if they wanted to. With the help of the dark web, cyber crime is no longer committed only by skilled hackers. Now, ransomware programs can be bought online for as little as €10 and used by unskilled cyber thieves who lack technical know-how of the encryption and decryption process. Ransomware propagated by some criminals, such as the NotPetya attack, may not have been designed to make money at all, but instead to be a purely destructive endeavour.
Having a robust backup and disaster recovery system in place is a must-have for any business, not just to protect against ransomware attacks, but to ensure that work can carry on, sensitive data is not lost, and expensive downtime is minimised. Furthermore, when managing a backup and disaster recovery system, it’s crucially important to perform regular tests to ensure that when an emergency or disaster does happen, your backups work and the restoration process is completed quickly without any hiccups. A failed backup or corrupt backup chain can have a knock-on effect and cause subsequent backups to fail, so having backups that are not regularly monitored and tested can often be as ineffective as not having any backup process at all.
It is worth noting that there is a very real and serious risk of non-compliance with the GDPR, should a business not be able to quickly restore access to systems (with personal data) in a timely manner. Article 32 of the GDPR mandates businesses have to have “the ability to restore the availability of and access to personal data in a timely manner in the event of a physical or technical incident”.
Here at Tech Guard, one popular solution that our clients found to this problem is to utilise one of our all-in-one (backup and instant failover/continuity) devices, that not only back up critical systems locally and offsite (within the EU), but also acts a temporary recovery device that recovers and runs the latest working versions of failed production servers in a matter of minutes. This type of solution works well for many businesses, since they don’t need to invest heavily in a spare server and complicated recovery software to get them back in operation quickly.
For those businesses who are worried that they may not have the skills or resources in-house to set up and manage a robust backup and disaster recovery system, Tech Guard provides a fully managed backup and failover/continuity service for businesses. Contact us today for more information on how we can minimise your downtime and give you piece of mind.