Home Security Get data recovery skills or be 'taken' by ransomware

Get data recovery skills or be 'taken' by ransomware

  • 23 June 2017
  • Written by  Chris Gondek and Ray Shaw
  • Published in Security

WannaCry and ransomware have been in the news so much that it is becoming expected that you will be held to ransom – when not if.

TakenImagine if your data was “taken” but instead of panicking, you instantly became Liam Neeson from the movie “Taken”. The coolest, toughest character ever imagined, who dealt with his own ransom situation – without paying.

WannaCry, a ransomware campaign with unprecedented scale, hit around 200,000 systems across 150 countries.

Australia was no exception, with reports of several businesses impacted by the attack and more local computer systems expecting to be hit.

iTWire asked Chris Gondek, principal architect, Commvault, data and information management specialists for his take on how best to prepare for the new paradigm.

Commvault Chris Gondek

Ransomware, and other malicious software is estimated to cost the Australian economy about $1 billion a year. In Britain, WannaCry has crippled the health system — with stroke victims unable to undergo urgent surgery because their scans could not be accessed — and affected other businesses around the world.

 

 

When ransomware hits: three options for data recovery

“Ransomware” is increasingly becoming the number one cause of data loss for businesses. Software security has become more resilient to cyber attacks, but what happens (and it does happen a lot) when the security systems fail and are bypassed by a simple phishing attack, or a patch not applied?

When ransomware hits your business, you have three choices:

Give up, cut your losses and start again? For most businesses, this is not really an option as you can’t just write off potentially business critical data that is held in the attack. At the same time, you need to bring systems back to a working condition and often data is key to this

Pay the ransom!? Who knows, you might get your data back, and once you have paid, they know who to target again – repeatedly, until the software evolves to become “extortion-ware”

Channel your inner Liam Neeson, and tell the ransom-holders that you have a particular set of skills… skills you have acquired over a very long career… skills that make you a nightmare for data extortionists 

Be cool: use your data recovery skills

Those skills, are data recovery skills. The only way businesses can ignore any ransomware is to immediately recover from data backup, and the emphasis is on immediately.

Cyber attacks are becoming increasingly more sophisticated and while an attack cannot always be avoided, there are steps you can put in place to mitigate the effects of attacks. You can have processes in place to minimise customer impact and the organisation’s own brand and reputation.

For example, achievable Recovery Time Objectives (RTO). RTO refers to the time it takes a business to restore data once a disaster has struck, including bringing your systems back to normal. It may seem straightforward on the surface but to be able to perform quick data recovery, you need to have a powerful data protection solution and an understood and agreed on service level in place.

Data recovery needs speed and automation

To recover from a ransomware attack, you need to have deployed — and managed — data backup. Being able to backup databases, files, applications, endpoints and VMs according to data type and recovery profile is critical to a speedy recovery.

In addition, organisations who employ good data management will know where the data lives — across public or private cloud(s), on-premises or co-lo sites — and will have specific data backups and processes in place to protect it. As a result, when an emergency hits, data recovery is fast and automated.

Today, businesses seem to be focused on their security, rather than recoverability. Whilst security is critical to every organisation across the globe, we cannot forget that an attacker only has to get lucky once. With data being the heartbeat of businesses today, being able to prevent loss and recover, should be mission critical.

The only true way to be completely confident in the face of this new threat is to have those data recovery skills. When you know data management – and adhere to good data practices – you make yourself a nightmare to the ransomware creators, effectively rendering themselves useless. 

LEARN HOW TO BE A SUCCESSFUL MVNO

Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service

DOWNLOAD NOW!