RansomwareWhy just back up when what you really need is to stay up?

One of the most important IT services available today is data backup and recovery, but it must be done correctly to receive the most benefit and assure you will still be in business tomorrow.

It has become cliché-   We must successfully defend ourselves from cyber-criminals by fending off multiple attacks every single day. The bad guys only have to be successful once.

While there are many other ways to lose your data, or your control over it, Ransomware is by far the most prevalent form of Cybercrime today, Being able to recover your data from backups is the only safe and predictable way to overcome these challenges.

Typically, the Ransomware process occurs in eight stages.

  1. Highly skilled cybercriminals quietly enter your network and hide a backdoor Remote Access Tool (RAT) in your system.
  2. They then pass along the access information to the Ransomware team.
  3. The Ransomware team enters your system through this backdoor.
  4. They make a copy of all your data
  5. They move (exfiltrate) this copy of your data to their servers, usually located in some other country. This is now officially a data breach, but at the moment known only to the criminals.
  6. They encrypt your original data using military strength encryption protocols.
  7. If possible, they will also encrypt your backups. (they are usually successful)
  8. Up to this point you were most likely unaware of their activities. Suddenly a red message appears on your computer screens announcing that your data is encrypted and the only possible way to recover it is by paying them the ransom they ask for (in untraceable Bit-coin) within a set amount of time, often three days.

It is important to note, our CyberSecurity plans are designed to help prevent threats, such as Ransomware, from ever entering your network. However, cybercriminals are often members of professional crime syndicates, or even nation states, who have practically unlimited resources to invest in Research and Development. They are always working to find new ways to exploit vulnerabilities and discover new ways to undermine defenses. They often get around the best protections through Phishing campaigns, other social engineering tactics, and plain human error.  Remember the cliché from above; the numbers are not on our side.

If you do not have our recommended backup solution, and your data does become encrypted by Ransomware, you now have multiple challenges and few options.

  • Option #1- Pay the ransom- Sadly, if you do not have access to uncorrupted, restorable backups of all your data, this may be your only option. Bear in mind, even if you do pay the ransom there is no guarantee they will provide the decryption key as promised. These people are, after all, criminals.
  • Option #2 – Do nothing and decide to re-enter as much data as possible from paper bills and invoices. (you may wish to avoid contacting vendors for fear the data breach will become public knowledge).
    • Option #2a- After the time limit expires, you will be contacted once again telling you if you do not pay the ransom (which will now be higher than originally asked for) their copy of your data will be made public, Now you have to decide whether the cost and publicity of  this data breach will be the end of your business. Now you are back to Option #1- pay the ransom.
  • Option #3 – Well, there really is no option 3. If you do have restorable data, and you won’t, or can’t pay the ransom. that’s it… Game Over!

If you DO have our Data Defender solution, you can treat ransomware attacks like any other data loss issue…restore system functionality immediately and completely. In most every instance you can be back to normal and still in business in minutes.

  1. We create a continuous local backup of your data and send encrypted copies to two external, geographically separated, secure ISO 27001 certified data centers for safe storage.
  2. If a file is accidently deleted or overwritten, we can restore it from local backup in moments.
  3. If your server should go down because of a hardware problem, we can virtualize your server until the real server can be repaired. Again, you and your employees can be back up and working in minutes.
  4. If the unimaginable happens and your building is destroyed by fire, tornado, or other unpredictable disaster, your server can be virtualized in the cloud. You can still be in business and working from temporary quarters in days, if not hours.

Please Contact us today; Tomorrow may be too late!
(302) 368-8630