Ransomware + Failed Backups = A Disaster Waiting to Happen

Author: Joe Martin, Date: 2017-07-28

To say that cyberattacks are dangerous to the health and success of a small business is something of an understatement. According to one study, an incredible 60% of all small businesses close their doors within just six months of a successful cyberattack taking place.

The attack itself can cause an initial shock, but the consequences of the attack are what often cause a business to fail. Getting hit with a cyberattack often creates an environment of confusion and chaos:

• What’s the extent of the damage?
• What important files were stolen?
• Are we in breach of any confidentiality laws, or do we have compliance issues to worry about?
• Who needs to be notified?
• What will this do to our reputation?
• Was any of our intellectual property stolen in the attack?

The answers to these questions are almost uniformly bad, particularly in a situation like a ransomware attack. Thankfully, these types of situations can be avoided—provided that you’ve made regular, successful backups a priority.

What Is Ransomware?

Ransomware is a particularly nasty strain of malware that targets both individual computers and entire networks. According to a study by NBC News, ransomware was a billion-dollar enterprise in 2016.

Most of the time, ransomware attacks occur after you or one of your employees accidentally downloads and executes a rogue computer program from a source that you thought was legitimate. Maybe that email from a client wasn’t from a client at all – it just looked that way at first glance. The fact that you didn’t have time to dig deeper is what hackers are depending on.

When a ransomware virus executes, it immediately encrypts all data on the infected machine. You are then greeted with a screen outlining what has happened with a promise to return that valuable information if you pay a large sum of money. The problem is that these costs can often be quite significant and, even if you do pay, there’s no guarantee that the hackers will actually turn over the data they’ve compromised.

The end result is that everything on your system is gone in an instant. All those important projects you were working on, all of those documents that took months or years to create. You’re suddenly back at “square one.”

The Problem with Failed Backups

Backups, are the one hope you have after a ransomware attack—If you’ve been keeping up with them, that is. One of the most essential best practices for backing up documents and other mission-critical data isn’t just to make sure that it happens, but that they were successfully completed and stored in a secure, off-site location.

The problem is that far too many small-business professionals see backups as a burden, and something they really don’t have time for. If you get hit with a ransomware attack and your backups were stored on the same machine, bad news — They’re not going to help you. If you get hit with a ransomware attack and you haven’t backed up in months, bad news — You’ve just lost a huge amount of progress, and potentially ruined your reputation with clients.

Note: According to a study conducted by Storage Magazine, over 34% of companies don’t test their backups on a regular basis to make sure they actually completed successfully. Of those that do, 77% found that tape-based backups often failed to restore for a wide range of different reasons. Perhaps the most damning statistic of all is that according to Microsoft, 42% of attempted recoveries from tape-based backups in the past year have failed entirely.

The Best-Case Scenario

The key to not to just hope your backups will never fail. It’s to take realistic, effective steps to mitigate risk failed backups.

Backing your data up to a secure, off-site location is the best-case scenario in the event of a ransomware attack. For the sake of argument, let’s say that your work computer was hit with a ransomware attack. You did everything you could to prevent it, but somehow it slipped through. You were quick, but the attacker was quicker. It happens.

With quality backups on a separate machine that’s been tested and re-tested, recovery is a foregone conclusion. All you have to do is service the machine in question to totally remove the virus, which will usually involve the IT equivalent of a factory reset. Then, you can restore those quality backups onto the machine and pick up right where you left off.

You might lose an afternoon of productivity, but you’re not going to lose documents or other data that do the type of damage from which your small business might never recover.

But again, none of this is possible if you aren’t prioritizing your backups in the first place. In the vast majority of cases, your backups are your first and best line of defense against today’s cyberattacks that are getting more sophisticated all the time.

Any step that you can take to avoid becoming just another example in a long line of painful situations is a step absolutely worth taking.

Ransomware isn’t going to disappear anytime soon. If anything, it’s only going to get worse before it gets better. This is why ongoing training and education are so essential. It helps create a much stronger defense against these and other types of threats. If you’re in the Vancouver area and would like to find out more about this or other IT topics, please don’t delay — Contact Compunet InfoTech at (604) 986-8170 or by sending us an email to: info@compunet.ca