Security Market Segment LS
Friday, 23 June 2017 11:38

Get data recovery skills or be 'taken' by ransomware

By Chris Gondek and Ray Shaw

WannaCry and ransomware have been in the news so much that it is becoming expected that you will be held to ransom – when not if.

TakenImagine if your data was “taken” but instead of panicking, you instantly became Liam Neeson from the movie “Taken”. The coolest, toughest character ever imagined, who dealt with his own ransom situation – without paying.

WannaCry, a ransomware campaign with unprecedented scale, hit around 200,000 systems across 150 countries.

Australia was no exception, with reports of several businesses impacted by the attack and more local computer systems expecting to be hit.

iTWire asked Chris Gondek, principal architect, Commvault, data and information management specialists for his take on how best to prepare for the new paradigm.

Commvault Chris Gondek

Ransomware, and other malicious software is estimated to cost the Australian economy about $1 billion a year. In Britain, WannaCry has crippled the health system — with stroke victims unable to undergo urgent surgery because their scans could not be accessed — and affected other businesses around the world.



When ransomware hits: three options for data recovery

“Ransomware” is increasingly becoming the number one cause of data loss for businesses. Software security has become more resilient to cyber attacks, but what happens (and it does happen a lot) when the security systems fail and are bypassed by a simple phishing attack, or a patch not applied?

When ransomware hits your business, you have three choices:

Give up, cut your losses and start again? For most businesses, this is not really an option as you can’t just write off potentially business critical data that is held in the attack. At the same time, you need to bring systems back to a working condition and often data is key to this

Pay the ransom!? Who knows, you might get your data back, and once you have paid, they know who to target again – repeatedly, until the software evolves to become “extortion-ware”

Channel your inner Liam Neeson, and tell the ransom-holders that you have a particular set of skills… skills you have acquired over a very long career… skills that make you a nightmare for data extortionists 

Be cool: use your data recovery skills

Those skills, are data recovery skills. The only way businesses can ignore any ransomware is to immediately recover from data backup, and the emphasis is on immediately.

Cyber attacks are becoming increasingly more sophisticated and while an attack cannot always be avoided, there are steps you can put in place to mitigate the effects of attacks. You can have processes in place to minimise customer impact and the organisation’s own brand and reputation.

For example, achievable Recovery Time Objectives (RTO). RTO refers to the time it takes a business to restore data once a disaster has struck, including bringing your systems back to normal. It may seem straightforward on the surface but to be able to perform quick data recovery, you need to have a powerful data protection solution and an understood and agreed on service level in place.

Data recovery needs speed and automation

To recover from a ransomware attack, you need to have deployed — and managed — data backup. Being able to backup databases, files, applications, endpoints and VMs according to data type and recovery profile is critical to a speedy recovery.

In addition, organisations who employ good data management will know where the data lives — across public or private cloud(s), on-premises or co-lo sites — and will have specific data backups and processes in place to protect it. As a result, when an emergency hits, data recovery is fast and automated.

Today, businesses seem to be focused on their security, rather than recoverability. Whilst security is critical to every organisation across the globe, we cannot forget that an attacker only has to get lucky once. With data being the heartbeat of businesses today, being able to prevent loss and recover, should be mission critical.

The only true way to be completely confident in the face of this new threat is to have those data recovery skills. When you know data management – and adhere to good data practices – you make yourself a nightmare to the ransomware creators, effectively rendering themselves useless. 


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more




Recent Comments