Do we now need to account for a ransomware attack in the IT budget?
Each headline-making cyber attack seems to be more destructive than the last, which is proving to be the case with the Petya virus we're witnessing today and the recent massive WannaCry ransomware attack.
Whether the latest attacks are gigantic like WannaCry or small enough that they never get written about — there’s an undeniable growing number of businesses that continue to get hit with ransomware. And unfortunately, it’s a no-win situation — either they lose critical files, or they have to pay a hefty ransom to have their files returned.
What you don’t hear about, are companies that prepared in advance with the ability to recover files on their own, and actually avoid suffering disruption or having to pay a ransom to cyber criminals. Yes, this actually happens — the headline just isn’t as sexy.
In many cases of successful ransomware attacks, security was deployed appropriately throughout the organization, and yet someone still managed to click on the malicious link or download the wrong attachment — resulting in a data hostage situation. As the saying goes, it’s not a question of whether you’ve been hacked, but whether you already know about it.
So, are we trapped in an endless cycle of data hostage situations? If we step back and look at our options — the future isn’t as grim as it might seem. It’s not just about doing our best to prevent cyberthreats like ransomware, but also about being prepared if and when our files actually do get held for ransom.
The most common threat vector for ransomware to enter an organization is still through email. Ideally ransomware and other advanced threats would be detected or prevented long before they ever land in an inbox.
Unfortunately, ransomware has many other ways of reaching employees’ endpoints, whether from malicious websites, compromised USB sticks, or through vulnerable applications. Even if you’re taking all the right steps to secure your network perimeter, email, web traffic and outward-facing web applications — you’re greatly lowering your chances, but could still fail to avoid ransomware.
With that in mind, now would be as good of a time as any to evaluate your company’s backup and recovery strategy, so you know for sure that your organization is prepared to handle a ransomware attack? The right solution is capable of automatically creating updated backups as files are revised, and it duplicates them in a secure location in the cloud or off-site. In as little as an hour, this type of setup allows IT folks to first eliminate the malware, then delete any encrypted files and restore them from a recent backup. Surviving ransomware can actually be that easy.
Any data protection expert will tell you that every business needs a solid backup strategy for when the unexpected happens. These days, digital threats are proving to be more common than physical threats like fires or floods – and ransomware is a great example.
In the face of ransomware, advanced persistent threats, and spear phishing, you can’t afford not to prepare. The question then becomes, who pays for it? The security team who’s already strapped for resources and time in keeping up with the next 0day attack? Or has ransomware become so mainstream that it’s time to write a line-item directly into the main IT budget?
Regardless, it’s clear that it’s no longer just about data security, but data protection — which makes more sense from a budget perspective as well.