If the notion of ransomware was unknown to you until now, the attack of the WannaCryptor virus of May 12th that has had global repercussions in all spheres of activity has certainly made you aware of the consequences of such attacks that know no borders.
Computer attacks by ransomware cost businesses millions of dollars a year and are becoming increasingly sophisticated and difficult to avoid. The peculiarity of this type of attack is that it spreads quickly through shared files, sometimes in a matter of hours, as the attack of May 12 demonstrated. Ransomware generally infiltrates through the weakest point in the network, typically the user’s email account or social networking sites.
The ransomware locks the computer or encrypts the files, requiring payment of a “ransom” to give users access to their data. But the payment of the ransom does not guarantee the recovery of the data *, not to mention that organizations which give way to the hackers blackmail become targets of choice for a next time…
If you are lucky, your business was not targeted by the virus and you feel relieved to have been spared. In this case, remember the lesson: you were lucky this time, but rest assured that this type of attack will happen again, and that your organization may well be the victim next time.
Forward-thinking organizations have invested large sums of money to secure their IT environments and the data that transits them, which is often critical and whose destruction can jeopardize business continuity. Although security solutions are part of the equation when it comes to protecting your assets, they are only part of the strategy to counter these threats.
A complete solution to protect you from viral attacks must include a recovery plan with accessible and full backup copies in order to restore your environment as it was before the attack.
Implementing a recovery plan gives you assurance that you can quickly recover and minimize your idle time, which is often the weakest link in the management of computer attacks. The faster you get back to your pace, less your customers and suppliers will have to turn to alternatives that could ultimately be very costly to your business and reputation, even putting it at risk.
Companies that have industry-specific compliance standards are generally more aware and better equipped to quickly restore their infrastructure in the event of an attack. To find out if your company has an adequate recovery strategy, ask yourself the following questions:
- Is your backup off site (i.e. away from your primary site)?
- Can you verify that the backups are happening?
- How quickly can you restore data that’s taken hostage?
- Is your original data backed up in an unalterable way, ensuring a complete and integral recovery of your data in the event of a ransomware attack?
By answering these questions, you will take the first step to address the gaps in your recovery strategy in the event of a computer attack. Be prepared to face upcoming threats to protect your assets!
* A recent survey found that of those victims of ransomware who paid the ransom, only 71% had their files restored.