Ransomware variants are becoming smarter. Their traditional approach is they would disguise themselves in email attachments. Upon the unsuspecting person opening the attachment, the ransomware would encrypt the person or company’s data then ask for a king’s ransom to get that data back.
Unfortunately, even when people complied it doesn’t always work out. Only half of companies who paid their ransom received their data back, leading many to employ other safeguards such as data backups.
After all, if you have your data spread out, it can help you identify ransomware behaviors and stop them before they wipe out your data. But this isn’t a perfect solution either. There are ways you can still become vulnerable even with data backups.
Backups failing to cover all systems: One mistake some companies come across is a failure to backup all the files and programs they need. This can be due to cost-cutting measures since data storage can be expensive to an organization’s bottom line. Another way this occurs is if the last backup happened a long time ago and you have new files or systems you haven’t updated.
Failure to test vulnerabilities:An issue a company might come across is they find their backups are vulnerable to attack. This can be an unsettling discovery, as it could indicate by the time you find that vulnerability it’s too late-the ransomware has your data. To prevent this from happening, it’s vital to test your data backups regularly to ensure they are running well and have no weaknesses.
Hybrid variants are a new threat:There are some ransomware variants that disguise themselves to gain access to your data backups. To demonstrate, Windows programs use restore points or shadow copies for data, according to Search Data Backup. Yet, some ransomware variants such as Crypto are designed to seek and destroy shadow copies and restore points, rendering the backup ineffective.
Another vulnerability is writing backup data onto a machine or separate hard disk. The problem with this is once ransomware infects the system, it can still find the location of the stored files since they’re on the main machine.
Use an air gap to curb ransomware
One of the most effective ways to prevent ransomware from gathering your data is to use an air gap. An air gap provides another layer of protection between your data and the ransomware. One of the most common forms of an air gap is a disk-to-disk-to-tape backup, as Search Data Backup reports, though there are other ways you can achieve an air gap, as the above illustration demonstrates using network-attached storage.
What’s beneficial about this approach is even if the ransomware attacks the data on the disks, it still cannot access an external tape drive. In fact, one of the purposes for tape drives was to provide a separate data access point on the off chance there was damage in-house such as a fire.
Ransomware attacks still represent a real threat. If you find yourself a victim of one, it’s important to act fast. Our team at SALVAGEDATA will be happy to put our expertise to work for you.