Cybercrime and the Scourge of Ransomware Break Through the Best Defenses…
Cybercrime and the Scourge of Ransomware Break Through the Best Defenses…
Cybercrime and the scourge of ransomware break through the best defenses, even if you have layered security in place. Hackers are often after your data, corrupting it through viruses and malware, and locking it up for payment through ransomware.
Your layered security service is not complete unless you can take a last stand – protecting data by full, uncorrupted copies of everything your clients depend on that are available fast, avoiding business crippling downtime.
All clients should have multiple backups of data, preferably remote. and if not, it is something you should clearly rectify. But having backup does not mean data is fully protected. Disk and especially tape backup is prone to failure during recovery, meaning data is lost forever. And Windows-based backup devices can be infected by ransomware just like your client’s endpoints. Again, the data is gone forever.
Interface Technologies has helped thousands of clients fully and completely protect client data for years, and understands why backup is truly the last line of defense and how to best protect clients from the unfortunate reality of cybercrime.
Cybercrime is the fastest growing form of organized crime, and stunningly, larger than any other form of organized crime. Think about that for a minute. At $3 trillion a year, cybercrime is bigger than all of the cocaine, heroin, and marijuana business combined.
Why does this matter? Despite having anti-virus/antimalware tools, firewalls and other protections, cybercrime, ransomware and malware still get through.
How does this happen? Cybercrime is a business. For every person writing code to stop attacks there are myriad others, including highly organized development teams and state-sponsored groups, doing the exact opposite. These cybercriminals are making billions, and there is not much that law enforcement can do about it.
Whether they know it or not, clients desperately need the true data protection, top shelf backup, Business Continuity/Disaster Recovery (BCDR), solutions provide. That is because 75% of clients do not have a disaster recovery plan or true solution in place. When ransomware hits, these Clients have little choice but pay up.
In a recent survey 42% of victims paid the ransom. Worse, 25% did not get the data back after coughing up – so all that critical business information is gone for good! Interface has had the good luck of managing ransomware for 5-7 years. Yes clients let their guard down and in came the ransomware militia. We have had cases of no backup, and many more with great backups. Downtime has been mitigated to 24 hours and recent enhancements to our server farm, have lessened down time to an overnight exercise, at the worst.
SMBs are the sweet spot for ransomware since smaller shops do not have rich defenses, or full available backups of their data. In fact, when WannaCry attacked last year, it targeted enterprises, which tend to have a solid backup strategy. While widespread, the attack netted far less money than other attacks like Crypto Locker. WannaCry would have netted far more if it went after SMBs.
So what can SMBs do to stave off ransomware? Simple. They need a backup solution that is robust enough to secure and preserve data and restore it quickly if any data is encrypted. Even better if it detects ransomware before it takes holds.
But isn’t backup, well, just backup? Not all backup is created equal. To demonstrate, we will walk through how different approaches cope, or fail to cope, with recovering from a ransomware attack. After all, the real value of any backup solution is in the recovery.
The benefits of direct to cloud are that it is easy and cheap. The problem is that in the event of a ransomware attack, your client is down for a long time. Imagine having 15 employees at a client site and each machine has 100GB. That is 1.5TB, plus another 1.5TB for their servers. So 3TB all together. That same company probably has a 20Mb/s pipe to serve those workers.
If you devote 100% of that bandwidth for the entire time needed to do the recovery, you are looking at a 15-day process to bring the data back to the customer’s site. That can cripple or even kill an SMB. There are many causes of data loss as you can see below, including viruses/malware, software failure, hardware failures (the leading cause), human error, and finally natural disasters – which only accounts for 3% of major outages or data loss.
If you servers are closer to your backup, a lot of time is saved. Interface Technologies Cloud Services have backup housed close by for immediate restoration. Our replication, which is the “backup’s backup”, is stored 20 kms away, but on a 10 gigabit connection. Therefore moving 1 terabyte of data stored remotely would take 20 minutes at 80% efficiency.