Ransomware: Why Backup and Recovery is your Only Real Line of Defence

Ransomware. Malicious software which encrypts files on a system without the user’s consent and then demands payment to release the information.

In the past year, Ransomware has made the headlines on numerous occasions as the primary malicious threat facing organisational IT systems. The primary reason being Ransomware’s new-found ability to rapidly infect an entire network with no user action.

Ransomware is not a new threat, it has been around for a few years. Before 2017 users would be infected by Ransomware if they downloaded a file and executed it. The infection, however, was limited to the single user who executed the infected ransomware file.

That changed with the WannaCry and NotPetya variants which were released in mid-2017. They appeared with an automatic propagation feature which allowed the Ransomware to quickly spread across an entire network when a single user on the network was infected. The impact was severe as these two Ransomware variants took global organisations offline for days.

Anti-malware, which is the first line of defence against Ransomware, did not pick up WannaCry and NotPetya since they were new, and their signatures were not in any anti-malware database. This is not a new weakness.

Anti-malware has always been a reactive technology and can only defend against what it already knows. Any new threats will pass right by until they are added to the anti-malware database of known threats.

The second line of defence is regular, operational system maintenance. WannaCry and NotPetya spread through a known Microsoft vulnerability which had not been patched. However, the complexity of modern software applications means there are many more vulnerabilities which we do not even know about yet. Zero-day vulnerabilities, vulnerabilities which have no vendor patch, having been used in the past to compromise systems.

It’s just a matter of time until a new variant of Ransomware uses a zero-day to spread and even the most up-to-date systems will be vulnerable.

This means that even if you have great anti-malware and regularly install systems updates, the risk of Ransomware infection still exists as anti-malware is ineffective against new Ransomware strains and undiscovered vulnerabilities could be exploited. To ensure you can recover from a Ransomware attack you, therefore, need a robust backup and recovery solution which is your last line of defence and your only real protection against a future Ransomware attack.

One which will bypass anti-malware and use a zero-day vulnerability to infect your network.

Organisations cannot afford any downtime due to the dependency commerce has placed on online systems. An hour of downtime negatively impacts business. Lost revenue, lost productivity and damage to the organisation’s brand are all real consequences when systems go offline unexpectedly.

Organisations therefore not only need a backup and recovery solution to protect them against Ransomware, but they also need a backup and recovery solution which ensures they can rapidly recover with little to no downtime.

Digital Sense’s Data Protection service is a backup and recovery solution which can be tailored to each organisation’s unique operating environment. Backup and recovery options include: Virtual Machine or agent level backup, Customer On-Premise and Digital Sense Cloud and Public Cloud, Desktop backup for end-user computing environments and off-site backup with Veeam Cloud Connect.

In addition, Digital Sense also offers Virtual Machine Disaster Recovery. This service allows significantly improved Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) over traditional Disaster Recovery approaches and uses advanced journaling technologies to record all operations creating low RPOs and RTOs. This means that when a disaster like Ransomware strikes, you can be back up and running in a matter of minutes.

Whatever your requirements, Digital Sense’s Data Protection and Disaster Recovery solutions ensure your data is completely protected and that you have the best defence possible against the next Ransomware attack.

Digital Sense offers Veeam Cloud Connect which gives you the ability to rapidly and securely backup your data to the Digital Sense Data Centre, without the cost and complexity of developing and sustaining an off-site business continuity environment.

By utilising this enterprise-grade cloud-based service, you can grow and secure your business cost-effectively with the support of business continuity professionals who can advise and guide you on the best way possible to achieve your objectives.