Data Backup Is an Extremely Effective Counter to Ransomware

Table of Contents

When you hear the word “ransom” what do you think of?

If you're like me, you flashback to any of a dozen movie scenes. There's a worried spouse holding a ransom note. Surrounded by police, the phone call comes in. Immediately, the trace attempt begins and the worried husband tries to keep the kidnappers on the line, but to no avail. The kidnappers want their million dollars by noon tomorrow or the wife will never be seen again.

Then, depending on the movie, cue the slapstick comedy (Ruthless People, The Big Lebowski) or the taut action movie (Ransom).

While entertaining in a movie, ransoms also happen in real life

Data backup is a great defense against ransomware

Today, when security professionals hear “ransom,” they immediately think of ransomware. Instead of never seeing your spouse again though, it's your information these criminals kidnap.

Ransomware is malware that encrypts and locks you out of your data. Phishing emails or visits to an infected website are how most businesses are infected. Once ransomware gains access to your data, you have to pay – usually through a digital service like bitcoin – to regain control of your data.

If you delete the malware, you delete your information.

Once infected, there are two choices – lose your information or pay the ransom. Fortunately, there's a well-known business best practice to protect yourself: data backup.

Ransomware Threat Keeps Growing

A business falls victim to a ransomware attack ever 40 seconds. By 2019, ransomware attacks on business will happen every 14 seconds. Damage from those ransomware attacks is predicted to reach $11.5 billion by 2019 (Cybersecurity Ventures).

It's a trend that's not going away. Malwarebytes research indicates that about 60% of malware payloads in the first quarter of 2017 contained ransomware.

The FBI estimates that over $5 billion in ransom was paid in 2017 (though it's probably more because the crime is under-reported).

ransomware attacks continue to accelerate

Ransomware = Easy Money

Cybercriminals like easy money, which is why they like ransomware. You can even be a lazy cybercriminal and buy a ransomware kit off of the dark web (it exists). That's right, there's ransomware-as-a-service.

In 2016, 64% of U.S. Businesses paid ransom “requests.” The average ransom is $1,077 per attack in 2016, up from $264 in 2015 (from the Symantec 2017 Internet Security Threat Report).

Note that relatively small average size of the ransom. While the size of ransoms have increased as cybercriminals have shifted from individuals to business, they're going after smaller businesses. While the rewards are more lucrative from larger companies, it's simply easier for low-skill hackers to target companies more likely to have weaker network security in place.

Think about your critical business documents. What would you do if you suddenly couldn't access them and received a ransom note for $2,000?

New Call-to-action

Avoid Ransomware

One of the best protections from susceptibility to ransomware is also a business best practice – backup your data.

A good backup strategy will mean your data is backed up at regular intervals (and not on network drives, which are easily accessible to ransomware once the virus gets into your system).

Ransomware can be avoided with good employee training and a data backup plan

Depending on your business, there will be a balancing act between cost and security. More frequent backups will cost more, but limit data loss. Less frequent backups expose you to more lost data.

A managed IT partner can work with you as a trusted advisor to identify the perfect mix of frequency, security, and cost.

Regardless, when you have a good data backup solution in place, you can wad that ransom note up and throw it away. Restore your data from backup and you'll be back in business quickly, with minimal disruption.

While you may lose a day's worth of new data or an hour (depending on the frequency of your backups), you'll always be able to restore your data so you won't be held up for ransom.

Kill two birds with one stone, invest in data backup – even if you're never attacked by a ransomware virus, data backup will allow you to maintain access to your critical business information in the case of disaster or employee mistake that deletes information accidentally.

New Call-to-action

Categories: Security, Office Hacks, Cloud, Managed Services

blogs related to this

Artificial Intelligence Can Help Everyone - Including Scammers. What to Look For.

Artificial Intelligence Can Help Everyone - Including Scammers. What to Look For.

We all knew that artificial intelligence (AI) would be a great disruptor. However, now that the era of AI is upon us, its potential dangers and...

How to Protect Your Business From a Brute Force Attack

How to Protect Your Business From a Brute Force Attack

Data breaches are every business’s worst nightmare. With every passing year, hackers find new ways to gain unauthorized access to enterprises’ IT...

Minimize Risk and Maximize Security with Cybersecurity Insurance

Minimize Risk and Maximize Security with Cybersecurity Insurance

Cybersecurity insurance, also known as cyber insurance or cyber liability insurance, provides comprehensive coverage to businesses. It helps them...

How Scammers Can Use Your Voice Against You

How Scammers Can Use Your Voice Against You

Cybercriminals and scammers can use your voice as a weapon against you. Once upon a time, we might have brushed off the idea of fraudsters using...

Cybersecurity Laws and Regulations to Know About (2024)

Cybersecurity Laws and Regulations to Know About (2024)

As businesses weave cloud computing, edge computing, internet-of-things (IoT), artificial intelligence (AI), machine learning (ML), and myriad other...

What is the Difference Between MDR and Endpoint Detection & Response (EDR)?

What is the Difference Between MDR and Endpoint Detection & Response (EDR)?

The cybersecurity market is booming and enterprises have thousands of security solutions to choose from. However, two security solutions hover over...

What is Endpoint Detection & Response (EDR)?

What is Endpoint Detection & Response (EDR)?

An endpoint is any device connected to an enterprise network. Security teams have focused on protecting enterprise endpoints from threats and...