READ TIME: 4 MIN
Defending your business against ransomware attacks is a multifaceted process. Your first layer of defense is prevention, which should include measures such as employee awareness training, proactive monitoring for malware, and timely installation of updates and patches.
In spite of such precautions, ransomware attackers may still manage to find their way into your systems. “With 82% of ransomware attacks targeting small and medium-sized businesses (SMBs)1, this is clearly a threat of the highest order. This is why it is vital that you honestly assess the dreaded, worst-case scenario question:
If threat actors successfully launched a ransomware attack against your company, they would almost certainly encrypt your data. This means that, although your data would still be present, it would be converted into a form that is unusable. This would immobilize your IT system, effectively shutting down most if not all business operations.
When you consider the fact that the average downtime resulting from a ransomware attack is 3 weeks2, it becomes glaringly apparent that downtime is immensely expensive. Downtime costs quickly accumulate due to lost productivity, loss of daily revenues, and even loss of long-term customers. For some industries, such as healthcare, network downtime can even be life threatening (e.g., for patients who depend upon continuous care).
The operational paralysis caused by downtime is a primary source of leverage that hackers use to coerce their victims into paying ransoms. That coercion takes the form of an extortion attempt that would go something like this:
The threat actors would inform you that upon your payment of an untraceable ransom (usually in the form of a cryptocurrency like Bitcoin), they will provide you with the decryption code that will allow you to convert your data back into usable form. Until you pay, they will hold your data hostage.
Now, you might be thinking, “But we have our data backed up…why would I pay these criminals for a code to decrypt our data when we can just rely on our backups?” Smart question, but the thing is, before you thought to ask that question, the threat actors anticipated not only the question but the answer.
A concerning trend over the last few years has been for ransomware attackers to first go after existing backups, well before anyone is aware that their systems have been breached3. After deleting or compromising the backups, the attackers then proceed to the stage of their scheme when they inform the victimized business of their shakedown.
As a key decision maker for your business, this would put you into a position of choosing between (a) paying the ransom, or (b) losing your data and possibly your entire business. This is one reason why so many businesses ultimately do end up paying ransoms.
Interestingly, 66% of businesses polled stated that they would never pay the attackers if caught up in a ransomware attack; however, in reality, up to 65% do go through with the payments4. This suggests that if you wound up in the crosshairs of ransomware attackers, you might actually find yourself defenseless and willing to concede defeat by paying the ransom.
This brings us to the good part of our story: The key to protecting your business against ransomware attackers is indeed backing up your data. However, cybercriminals may specifically seek out backup files in your network, so you must also maintain backups in off-site storage that is inaccessible to threat actors.
Disaster recovery as a service (DRaaS), which includes off-site data storage, is an essential element of establishing your business continuity strategy. Data is backed up continually and is immediately retrievable in the event of loss. Integrating DRaaS into your overall IT strategy helps you to prepare for the worst of situations, ensuring that your IT systems—and therefore your business operations—remain functional during crises such as ransomware attacks.
By storing backups safely out of reach, you disable the attackers’ capacity to manipulate you via data encryption. The happy conclusion to this story is that with thorough preparation that covers all contingencies, your company can successfully weather a ransomware attack.
Are you interested in learning more about how DRaaS solutions can help you to weather IT disasters?
References: