Best Way to Fight Ransomware? Secure Backups…

Ransomware is on the rise again for a few reasons:

1. Hackers improved their software availability (you can now rent and use a ransomware service for a percentage of the earnings – this adds nontechnical criminals to the party while reducing the hackers risk of getting caught)
2. Hackers improved ‘ease of use’ by adding new payment options, such as the use of online services gift cards instead of the complex to buy – Bitcoin currency.
3. ‘Easy targets’ such as schools, municipalities and small businesses are usually untrained and unprotected from blocking even most common phishing attacks.
4. Insurance companies are making it (too) easy to pay criminals when you have a ‘cyber insurance’ (bad idea as you are dealing with criminals which might not decrypt the files, might copy and sell your data, and might put you on a ‘willing to pay’ list, and then coming back a few months later with a new attack.)

There are many ways of protecting from Ransomware; user training, Antivirus software, firewalls, anti-phishing gateways and more, but there is just one solution which can provides close to 100% protection: Secure, offline backups.

Why should secure backups should become primary countermeasure to ransomware attacks?
Simply because backups can neutralize the attacker’s leverage on you.

Basically, if you have proper, up to date backups, ransomware should be no more than a time-wasting nuisance not a choice between paying a criminal lots of money or losing your data.

There’d be no profit for the hackers – because you could restore your data even if it gets erased or locked, as simple as that.

The second factor, of course, is the whole controversy of paying criminals; That keeps them going on with these attacks, adds to your future risk and obviously costs you money. But there will be no reason to pay them if you had proper backups in-place.

Cloud based backup services have gotten cheaper and easier to use, which makes them great solutions for smaller organizations with smaller budgets. Backups that are stored offsite with no connection to the primary network can thwart attackers who try to locate and encrypt your backups, as they are not easily found when the malware scans for files.

Moreover, most good cloud backups have added a revision system which solves the issue of locked / encrypted files to overwrite your last good backup when getting hit by ransomware.

Backups are an extremely important security measure, but they need to be kept secure. If your backups are stored in the cloud, it’s imperative that your cloud access doesn’t get compromised and your files get stolen / sold. Additionally, while providing a mechanism which removes the risk of losing your data, restoration process takes time and effort which can still harm your business, therefore other measures (such as user training, anti-phishing etc.) are still required.