by Karl Zimmerman
In the last few years, a series of devastating ransomware attacks have cost businesses billions of dollars. Ransomware doesn’t discriminate: businesses of all sizes have been hit hard, but smaller businesses are disproportionately affected because they are less likely to have the resources and the expertise to bounce back quickly.
Much of the discussion around ransomware has focused on the ransom — the money that criminals demand in return for a key to decrypt the data. But, in reality, the biggest cost associated with ransomware is downtime.
Losing access to business-critical data and software disrupts business operations. For larger businesses, that cost may be measured in the millions. For smaller companies, the absolute numbers are lower, but the impact on the business’s long-term future can be devastating.
Prevention is better than cure
The best way to combat ransomware is to ensure it never finds its way onto your business’s servers and desktop computers in the first place. Ransomware has a number of vectors, but the most common are phishing attacks and software vulnerabilities.
The notpetya attacks of 2017 used a vulnerability called eternal blue to infect Windows systems. Patches were available for eternal blue for months prior to the attacks. The Locky ransomware was distributed via links in phishing emails.
Keeping software up-to-date and training staff on how to spot phishing emails are the first line of defense against ransomware.
But prevention is not enough
No business is immune from security mistakes and human error, so prevention is not enough. It is also necessary to make sure that attackers can’t deprive you of data if your infrastructure is infected.
Up-to-date backups provide a surefire defense against data loss. But, in my experience, many businesses do not have backup systems that are robust enough to keep data safe from ransomware.
Ransomware is sophisticated, and some strains are capable of sniffing out local backup drives, including the network-attached storage that many businesses use for backups. Once the ransomware is on your system, it will search for copies and encrypt them too.
The most effective backup systems send data to a secure offsite location that can’t be reached by ransomware. Cloud backup platforms that continuously uploading data to a secure remote data center are the best option.
Big businesses don’t just do backups: they also replicate key systems – including servers, networking, storage, and software – in multiple data centers. If their primary infrastructure is knocked out, they can switch to redundant infrastructure running in a distant data center.
In the past, this type of disaster recovery infrastructure was too expensive for smaller businesses, most of which can’t afford to buy and maintain the duplicate infrastructure that sits idle until disaster strikes.
But the introduction of inexpensive cloud servers has changed all that. Today, cloud Disaster Recovery as a Platform (draws) services allow businesses to create comprehensive disaster recovery plans that combine continuous data backups with quickly deployed redundant cloud infrastructure. If ransomware or human error take out key systems, duplicates can be deployed to the cloud in minutes.
Ransomware is a serious threat, but with modern cloud technology, businesses can protect their data and minimize the risk of disruption.
About the Author
Karl Zimmerman is the founder and CEO of Steadfast, a leading IT Data Center Service company. Steadfast specializes in highly flexible cloud environments, robust dedicated and colocation hosting, and disaster recovery.