Will You Be Ready When Ransomware Strikes?

Posted by Maura Mahoney on Tue, Jun 27, 2017 @ 09:00 AM

image001.pngThe question isn’t if it will happen, only when… 

High-profile cyberattacks like the recent WannaCry ransomware attack are becoming hard for businesses to ignore. It’s clear that ransomware attacks are becoming more sophisticated and difficult to detect. Today, even seasoned users can slip up and click on an infected link.   

For example, an employee might be tricked by an email that looks like it’s coming from your CFO. The subject line could look perfectly legitimate a request to review an invoice, for example. 

Most employees will respond to that email because it looks important. By the time your employee or IT department realizes the error, it will be too late. The damage will have been done. 

Is Employee Training and Security Software Enough? 

Many companies use preventative measures to try and stop ransomware, such as investing in security products and employee training. Despite the best efforts of the IT staff, it is a challenge to stop ransomware attacks 

Even if the employee majority is following protocol, it just takes that one user and one mistake to invite the malware in. 

Your staff may be doing everything they are supposed to, but all it takes is for one user to slip up for your system to be compromised by malware. Once the ransomware dominoes start to topple, the consequences will be embarrassing, catastrophic, or both. 

Hackers Will Add Insult to Your Injury 

If your organization is hit by ransomware, and you pay the hackers to unlock your files, you’ll be at increased risk to get hit again. Word will “hit the street” that you’re an easy, lucrative target. It takes very little effort for an enterprising hacker to try and trip you up, again, and again, and again. 

Can You Eliminate the Risk of a Ransomware Attack? 

Without a doubt, you should do all that you can to prevent or mitigate ransomware within your organization. These efforts do help, but they don’t eliminate the risk.  

In addition to safeguarding against ransomware attacks through proper training and other preventive measures, you should also have a solid plan in place so that you’re never in a position to have to pay the criminals.    

Backups Are Your Last Resort 

The bad news: You got hit by ransomware.   

The good newsYour IT department has a successful data backup that was kept separate and safe from the effects of the malware.    

Calling up data backups that have been stored separately from the main system is a common strategy to recovering from a ransomware incident. Having these backups in place is an absolute “must do” for your company. However, this approach may not prevent financial losses for your business. The recovery process may take significant time and could require downtime, which will affect both your users and your profit margin. 

If your company is like many others, you run nightly backups. If there is a downtime event, you’ll lose all the work your users did after the last backup, up until the breach. Keep in mind, some companies are not aware they have been victimized for hours, days, or even weeks.  

If a ransomware attack goes undiscovered for more than a day, you could lose a significant amount of data. Plus, you can all but guarantee that one of your executives will have lost a file of utmost importance.  

This could be a significant loss of work product. You need a process that instantly gets you back online and also mitigates the loss of data.    

Disaster Recovery as a Service: Your Secret Weapon Against Ransomware  

If you want to avoid expensive data loss and downtime from the inevitable ransomware attack, you need a process that: 

  1. Preserves all your data. 
  2. Gets you back online immediately. 

Disaster Recovery as a Service (DRaaS) offers a way to recover your files in minutes, not hours or days. You can move production to a secondary site, which gives you time and space to repair the production site. Throughout the process, your users will remain unaffected.  

Most importantly, DRaaS gives you a point-in-time recovery. You can narrow your data down to the second to ensure your recovered files are not locked by ransomware. This spares you from having to go back to a previous day’s or week’s backup, which could mean the loss of all the precious data you have collected in the meantime. 

If you have a solid DRaaS solution in place, you will render ransomware powerless against your organization and quickly recover and retrieve the data you need when attacked. You will have no need to pay a ransom if your company has a backup of the data that’s in the hacker’s sight.

Are you ready to protect your organization from ransomware and all other threats of downtime? Contact a FirstLight DRaaS specialist at 1-800-461-4863 or sales@firstlight.net

Topics: Ransomware