Just under 950,000 unique users were victims of Ransomware in 2017, with 26.2% of those being business users. So just what is the best way of preventing this vicious piece of malware?
Ransomware is a type of malicious software which hijacks the user’s machines and typically prevents access to data and files through encryption. To retrieve access, users have to pay a fee (or ransom) which could reach the thousands of pounds. Upon payment (which is paid in Bitcoin), users are given a decryption key to then access their files again – although this is not always the case. While falling victim to ransomware may result in lost data, if you put preventative measures in place to begin with, this is not necessarily a huge problem…
First of all, if you do find your machine infected with ransomware, you should never pay the fee. There is no guarantee that you will get your data back, and it only feeds the practice of spreading the malicious software. The only other option you have to retrieve data from this point is to restore your machine from a previous, uninfected backup, and rely on and implement a disaster recovery plan. A good disaster recovery policy is important, as Ransomware has the same unwanted impact on your business. From there, you can decide what you need from your IT provider and how quickly you need to recover. We have more on disaster recovery policies here.
Infrascale Disaster Recovery
In the event that we need to recover data for our clients, we use Infrascale, a piece of disaster recovery software, ideal for restoring previous versions of files. Infrascale contains unlimited version history, so if your most recent backup is also affected by ransomware, you can choose the most recent, good backup to restore to. This will most likely result in some data loss, but this would be a much better scenario than being permanently locked out by ransomware.
Infrascale offers fast disaster recovery too with previous file versions available in seconds. As fast as ransomware encrypts your files, you are able to access previous versions. This can be performed from an on-site appliance or from a public/private cloud and can save hours of downtime by accessing a virtual production environment. You can quickly explore an image of the infected disk to be able to determine the time of the infection, then restore the backup to just before that point. Anomaly detection also catches threats early in case the malware starts affecting files. Users will receive an email alert when anomalies in files have been found, allowing you to revert to a point before the infection.
Relying On Disaster Recovery
With any disaster recovery processes, you must always test it thoroughly. Disaster recovery is something you should be able to rely on, and finding out you can’t get your data back at a crucial time can be devastating to your business. If you would like help in setting up disaster recovery in your organisation, please get in touch. Our dedicated team of IT specialists will be more than happy to talk through your requirements.