Sunday, 11 February 2018 Blog ehdf

Will your Backups protect you against Ransomware?

Few, if any, of the day to day functions of a modern enterprise, are free from the influence of their IT infrastructure. However, the advantages gained by creating central repositories of information and data also result in vulnerabilities. Data, in this day and age, equates value – whether it is due to its sensitive nature or because it is central to the functioning of an organization. The loss of data and other IT disruptions are such a tangible threat to an organization that it has led to a rise in cybercrime – specifically through the use of Ransomware. IT infrastructure and strategies for Disaster Recovery in the UAE have also developed in keeping with these challenges.

A recent study emerging from the UK has shown that upto 40% of organizations subjected to extortion, through the use of a Ransomware attack, ended up paying the cybercriminals. Several instances of such attacks have been so advanced, in the complexity of the encryption used, that several law enforcement agents and agencies have even recommended payment of the extortion amount as the cheapest resolution available. However, the truly perplexing part of this phenomenon is that vulnerability to it can be addressed, to a degree, rather simply. The creation of an adequate and routinely updated backup goes a long way in making such extortion attempts far less effective. Disaster Recovery in Dubai, in terms of a response against such attacks, has come a long way in recent years. Enterprises in the region are being actively advised to incorporate robust backup measures rather than leaving themselves vulnerable.

Reasons for inadequate backup include vulnerabilities introduced by imprudent practices driven by costs involved in backing all critical files, or often enough, inadequate monitoring of the performance of the backup system in place or due to the backup storage remaining connected to the network after data has been duplicated. These are all issues that can be mitigated through process integrity at minimal expense. An organization that is averse to the costs involved is well advised to consider the losses incurred by becoming prey to such an attack.

The first step to preventing losses due to ransomware attacks is creating an adequate defense in the form of anti malware and anti ransomware protection, through the use of applications and programs that can detect such ransomware and prevent their spread. The most effective and efficient solution to such attacks, however, lies in backup facilities and practices.

A regular backup is central to maintaining access to critical data. Businesses must ensure that they backup their data and records on a constant and ongoing basis, while also taking care that the backup does not remain connected to the larger network after it has been updated – in order to quarantine it from such attacks. Several of the latest generation of Ransomware attacks attached storage devices and a backup storage that is accessible – especially by a computer with internet access – can become compromised as well. Keeping backups offsite, with access limitations, encryption protection and appropriate security, are an excellent solution that alleviates such risks.

Backups should also remain as current as possible, in order to be useful. Having a daily, periodic medium term, as well as long term backup schedule, that is strictly adhered to, is essential. Periodic backups cover the organization in the event that an attack occurs while the backup storage is connected to the larger network – through human error or because the procedure of backing up the files is underway. In such an event, the organization has the option of restricting the extent to which it is compromised by reverting to the most recent backup that has escaped encryption.

As the risk of such cyber-attacks is addressed, the nature of the attacks themselves is also increasing in sophistication. Businesses and their IT partners are best advised to remain ahead of the curve, by actively seeking to remain informed and equipped to deal with these threats. Investing in the right infrastructure, processes, continued upskilling and creation of good work practices is a far lower price to pay than one that results from being indifferent to the threat.