Data Backup Digest

Ransomware is defined as a malicious software that is designed to block access to a computer system until money has been handed over. It can be used to lock a company out from their data, either in entirety or on certain file types.

It’s a simple crime in the scheme of things and also highly effective. Data is a business’s lifeblood – it needs it for day to day operations and to not have access to internal documents or customer data can be disastrous. Rather than wait for a resolution, money is handed over in the hope that the data will be unlocked.

Almost half of organisations were affected by some type of ransomware attack in 2016 and as we enter the new year it is considered one of the top cyber threats. According to the FBI, ransomware attacks cost victims a total of $24 million in 2015. That figure astronomically raises to $209 for the first three months of 2016, let alone the entire year.

Depressingly, the number of user credentials flooding the black market is causing major breaches to be worth less. The cost of electronic healthcare records dropped 50% over last year, with supply exceeding the demand for this stolen data. Despite this, the price being charged per ransom is on the increase, even when the data is worthless for selling on.

As ransomware continues to be successful, those developing the software keep pushing the limits in order to access all sorts of data storage devices. With the Internet of Things and more devices than ever connected to one another, this is set to be the next big attack. Healthcare, homes, cars and appliances are all things that can be hacked now.

Ransomware has a return on investment as high as 1425% and the level of risk is low. As with all security, nothing is ever unbreakable. Ransomware continues to evolve in order to combat security measures, so the question isn’t so much how can you stop it, but more how can you recover from it.

Those organisations that are targeted by ransomware are those unwittingly fuelling the industry. A successful ransom then funds the development of more innovative software. As such, paying these fraudsters should be the final resort. Your data is valuable, but even if you hand over the money there’s still no guarantee that you’ll actually get it returned.

Consider the San Francisco Municipal Transportation Agency as a recent study. They didn’t pay the ransom, nor did it cross their minds to do so. This is because they have a solid backup and recovery plan in place, meaning all their systems were back up and running within a couple of days.

The FBI urges all enterprises to regularly backup data and then verify the integrity of that data. Of course, it’s also important that your backups aren’t susceptible to ransomware – consider your redundancy by using different services and storage solutions to achieve a good backup plan. Using a real-time recovery backup solution from a cloud provider would be a good choice, meaning if the ransomware enters your server then it can’t touch your backups.