Updated: Jul 11
Armour Cybersecurity Small & Medium Cybersecurity Enterprises Series
Ransomware attacks have been on the rise for a while now, but there's been a surge since the COVID-19 pandemic started. The reality today is that no one is safe. Companies from all sectors of all sizes have been targeted and ransomed around the globe. The ransomware attacks in the first half of 2021 grew by 93%; however, the amount of money attackers demand (ransom demands) grew by a whopping 518%.
In most cases, ransomware encrypts your data/systems to the level your business cannot operate without restoring the information. Typically companies are left with two options:
1) Pay the ransom - Get the decryption key from cyber criminals to the locked files and hope it will work; typically, the success rate is less than 50%.
2) Don't pay the ransom - Restore the data and systems from backups.
Now imagine it happened to your organization, all systems are down, and any business process relying on Information Technology cannot operate. You come to your office or manufacturing floor, and nothing works. All you can hear is an eerie silence. This is when you have to choose from one of the options above.
Experiencing a ransomware situation in the organization is stressful and even painful. It introduces extreme pressure on the management and staff handling cyber incidents. It is your business livelihood on the line here, as well as your employees and their families.
Our simple recommendation is Never Pay; to be able to take this bold stance, you need to invest in preparations, and this is where we would like to
shed some light and focus specifically on protecting your data and system with bulletproof backups that you can always restore.
Of course, at the base, you need to invest in modern multilayer protection for your organization that will include many aspects; for that, please refer to our other articles. The focus of this article is on how to build a bulletproof backup.
What do we mean by a bulletproof backup? If you built a backup that you can access and use to restore your critical data and system, regardless of how bad cyber attacks hit your organization.
Now you might ask, is it achievable? The simple answer is: ABSOLUTELY YES.
It requires doing some work, is often uncomfortable, and costs a little more upfront; however, the outcome is that it is significantly cheaper 100% of the time than paying a ransom.
Here is an example of a good strategy that, if implemented properly, can allow executives and business owners to sleep better at night.
It starts from governance, where you need to ensure the completeness of your backup. You need to map all your data and critical systems to be included in the backed up according to the business risk assigned to each item. This should be well documented and communicated to all stakeholders in your organization.
Once you understand what you need to backup, you need to choose the technology that will provide you with a solution for all data and systems. Too often, critical business assets are not included in the backup due to technology the internal IT team uses or external IT MSP offering. Nowadays, backup technologies are robust and affordable; no business-critical system should be left out of backup.
Now that you know what you need to backup and have chosen the right technology, here comes the hard part: How do you use these building blocks to build a bulletproof backup?
The secret sauce here combines the approach and operational rigour that must be applied going forward.
As the approach, we recommend using a battle-tested strategy called 3-2-1, or in more detail, it refers to:
· 3 Copies of your data
· 2 Different types of media
· 1 offline copy
Let's elaborate a bit more here: Your organization should have 3 different copies of Data; those copies should be stored on 2 different types of media; you should also have 1 disconnected (offline) copy. The logic behind it means you need to replicate data to 3 copies at any time; in case one of the data copies gets corrupted or ransomed, you can go to the other 2 copies. The two different types of media reduce the chances of losing data if one media gets corrupted or compromised. And lastly, the offline copy makes it even harder to compromise your backup as it requires cyber criminals to get to the physical realm; assuming you store the offline copy correctly, it lowers the probability that this copy will be accessed by cybercriminals.
Let's say you figured that one out correctly. Now you need to set operational processes to ensure a disciplined backup of all items on your list and properly secured backup technology.
Failing to secure the backup software is one of the key failure spots for many IT departments and MSPs. The direct outcome in such a scenario is that attackers can destroy the backups and leave no choice to victims but to pay the ransom demand or start building their systems and data from scratch.
Another critical aspect of operations should include periodic data and systems restore testing and backups validation. Having the backups tested in different scenarios achieves a few crucial goals, but most of all, you know that your backup process & technology work, your team is ready, and your organization can recover from a real cyber attack. Can you say today that you know that your backups are bulletproof today?
March 31st is world backup day. It is an annual holiday honouring the importance of data protection and smart backup practices.
The goal of the backup day is to bring awareness to the importance of data & systems protection and to be a reminder to organizations. Backups are a critical component of good business practice. Regardless of your organization's size. The smaller the business, the bigger the impact in case of a cyber-attack or if something happened to your data because of other causes.
Call us today to learn the best practices recommended for backing up your data and how you can build a bulletproof backup for your organization.