Are You Ready When Ransomware Strikes?

Posted by Maura Mahoney on Tue, May 30, 2017 @ 09:00 AM

Not If, but When

ransomware-1.jpgAs the recent WannaCry attack demonstrates, ransomware attacks are becoming more sophisticated and their high-profile nature is hard to ignore.  Today, even seasoned users can slip up and click a link they shouldn’t.   For example, you might be tricked by an e-mail that looks like it’s coming from your CFO where she’s asking you to review an attached invoice. For most of us, we’re going to jump on that e-mail because it looks important, and by the time we realize what we’ve done, the damage has been done.

Many companies employ preventative measures to try and stop ransomware, including security products and employee training.  However, despite the best efforts of IT, stopping ransomware can be challenging.  Even if everyone does all they’re supposed to, it just takes one user and one mistake to invite the malware in.  Once the dominos start falling, what happens next can either be catastrophic, embarrassing or both.  

To add insult to injury, there is reason to believe that if you’ve been hit once by ransomware and have paid the criminals to unlock your files, you’re more likely to get hit a second time as “word on the street” spreads that you’re an easy, lucrative target.  After all, it requires very little effort for an enterprising criminal to try to trip you up again, and again, and again. 

Without a doubt, you should do all that you can to prevent or mitigate ransomware within your organization. These efforts do help, but they don’t completely eliminate the risk. In addition to safeguarding against ransomware attacks through proper training and other preventive measures, you should also have a solid plan in place should your organization be the victim of ransomware  - so that you’re never in a position to have to pay the criminals.   

Your Backups are a Last Resort

Bad news: you got hit by ransomware. 

Good news:  your IT department has a successful data backup that was kept separate and safe from the effects of the malware.  

This is a common approach to recover from a ransomware event and it is absolutely a “must have” for your company.  But it may not be enough to prevent you from suffering during a ransomware attack.  Keep in mind that recovery may be lengthy and could require some significant downtime to users. 

If you’re like most companies, you typically run nightly backups. In the event of a downtime event, you’ll lose all of the work that your users did from the last good backup until the moment you realize your organization is the victim of ransomware.  Unfortunately, that could be a significant loss of productivity, and you can all but guarantee one of your executives has lost a file that is of utmost importance. You need a process that instantly gets you back online and also mitigates data loss.   

Disaster Recovery as a Service (DRaaS) is Your Secret Weapon Against Ransomware

Rather than scramble to recover from your backups, DRaaS provides a way to recover your files in minutes to a secondary site, allowing you to remedy the production site while your users remain unaffected.  Most importantly, DRaaS provides a point-in-time recovery, narrowing down to the second to ensure the recovered files are not locked by ransomware.  You won’t have to go to a previous day or week’s backup, and potentially lose all of that precious data.  

When you have a solid DRaaS solution in place, you render the ransomware powerless against your organization because you’re able to quickly recover and retrieve what you need.  No need to pay the ransom if your company doesn’t feel the effects of the malware to begin with.   

And if the criminals can’t make money on you, you’ll become less of a target to them.  

Want to learn more about FirstLight’s cloud-based DR solution can help protect your organization from ransomware or other threats of downtime?  Contact us at 1-800-461-4863 or [email protected]

Topics: Ransomware