• Follow us


Best practices for preventing and recovering from a ransomware attack

Today’s cyber-criminals are smarter than ever, and it’s likely that we are yet to see the most advanced attacks the world has seen. With an estimated global cost of around $6 trillion (£4.24 trillion) per year attributed to cybercrime, there can be no denying that digital crime is just as lucrative for criminals as it is destructive to businesses.

Perhaps the most memorable cyber-attack in recent history was in May 2017, when the WannaCry attack jolted the public into awareness of just how destructive ransomware can be. WannaCry infected over 300,000 Windows computers by encrypting data on the machines and then demanding Bitcoin to unlock the data. It was a particularly destructive attack as it struck a number of high-profile systems, including many in the NHS.

Unfortunately, the WannaCry attack is just one example out of a plethora of attacks that have occurred over recent years. Research shows that 40 per cent of mid to large UK businesses suffered an average of five ransomware attacks in the past year, costing them individually £329,976 per annum. Meanwhile a report by McAfee showed that ransomware issues grew 56 per cent in 2017, and another study by Trend Micro named ransomware as its number one cyber-threat for 2018. With this in mind, it’s fair to assume that most organisations, if they haven’t already, will have to deal with ransomware at some stage. And given that approximately 90 per cent of businesses that lose data are forced to close within two years, being unprepared for a ransomware attack is not a risk that businesses can afford to take.

There are several factors contributing to the dramatic rise we’re seeing in ransomware attacks:

Ransomware has now moved beyond the amateurs to the professionals who are more likely to be aware of security holes, making attacks more successful. We are also seeing a rise in highly targeted attacks that are more sophisticated and therefore, more dangerous.The anonymous nature of Bitcoin has driven investment in the cryptocurrency, making it an ideal currency for attackers making demands on attack victims.Computers are providing value for longer than ever, but that means many lack the latest security updates to operating system updates that can repel attacks. IT professionals are often reluctant to patch older computers because OS updates often slow down old systems, but it is vital that they are kept up to date with the most recent security software.Most ransomware attacks arrive through email, and many employees have not been properly trained to recognise a malicious email attachment. While training employees to be more vigilant for attacks can be time consuming and expensive, it is one of the most effective ways that organisations can defend themselves against ransomware attacks.

There’s no doubt about it; cybercrime is an omnipresent threat that isn’t going away. But there is a lot that companies can do to prepare. Taking steps to understand and outsmart the new technologies that criminals are employing to steal data and money is key, particularly given the often-irreparable reputational damage that faces those businesses that suffer breaches.

Outlined below are the best practices that businesses should consider implementing to safeguard against attacks, including a few suggestions on how to respond to an attack on your data should it occur.

How to mitigate attacks

The most effective step that an organisation can take to combat ransomware is to perform a regular backup of the most important files. The most sophisticated attacks aim to encrypt both data files and Windows restore points, so this should be top of mind when installing a backup system.

The rise in the amount of data being accumulated and stored is placing pressure on backup systems.  As well as being unprepared for future, many organisations are struggling with the day to day management of data backup and protection. Indeed, research shows that nearly 50 per cent of IT decision makers (ITDM) are struggling with data growth and believe it is only going to get worse; and 51 per cent of ITDMs are not confident that their IT infrastructures can perform instant data recovery in the event of a failure.  It’s clear there is a problem, and a screaming demand for appropriate backup and recovery strategies and systems.

Backing up critical data and making it easy to recover is one of the best lines of defence that a business can take against ransomware attacks.  For organisations without a current disaster recovery plan, a quality backup and restore solution should be considered as a matter of urgency. In addition to performing regular backups, businesses should consider the following:

Updating all software according to a regular maintenance plan. If a workstation or server is too old to update, retire it. The few tasks that it can perform do not outweigh the risk it presents to the other machines on the network.Restrict administrator accounts to only a few people in the organisation and create user (not admin) accounts on each workstation, for each employee. End users should not be logged into machines as administrators as the most destructive ransomware is designed to gain access to network areas that are only accessible via administrator accounts.Verify backups and replicate backups offsite. Performing backups is just the first step because, of course, these will not be effective unless they are proven to work. The only way to make sure is to verify backups by testing the data restore process. Occasionally the backup restores properly but does not include all critical files. This is something that should be frequently checked. Adding an offsite backup strategy, including processes for restoring data and leveraging off-site cloud services, adds a necessary layer of security to your organisation’s information and mitigate ransomware attacks.Employee training is often overlooked or not regularly updated for new employees. Do not assume that employees are tech-savvy enough to recognise malware that has been sent over email. Regular training takes time and valuable resources, but alongside backup, it is one of the main factors that can have the biggest impact in deterring the spread of ransomware through an organisation.Antivirus endpoint protection with updated signatures, endpoint sandboxing, and next-gen antivirusNetwork sandboxing, next-generation firewalls, and email security to block phishing attacksNext-generation scale-out storage with Continuous Data Protection feature, taking immutable snapshots automaticallyHow to respond to an attack

If an organisation suspects that someone on the network has been a victim of a ransomware attack, it should perform the following steps:

Take a snapshot of the system and then shut it down. A snapshot will attempt to save system memory which might the help in decryption and provide further details about the attack. Some professionals recommend the quarantine of any computers known to be infected, but it is safer to shut down all of them to keep the ransomware from spreading.Block remote desktop protocol (RDP) at the network level. Consider blocking all email attachments until the origin of the attack is fully understood.Assess the damage and determine the point of entry. This is where your backups come into play.

Depending on which systems were infected, this is when the organisation will need to revert to its backup plan. Pulling an entire server offline may take more planning. The key here is to have a reliable and well-tested backup to get the business up and running quickly with minimal repercussions.

What if there is no backup system in place?

If an organisation is struck by a ransomware attack but it does not have a backup system in place, it will need to take a slightly different approach. The IT team will need to assess the value of the data that has been encrypted and make a decision as to whether it is worth hiring a security or ransomware expert to try and recover the data. If the answer is no, they might be tempted to pay the ransom which is not a good idea! Even if the ransom was to be paid, there is no guarantee of receiving the decryption keys, and thieves often increase the ransom the longer they have to wait for it to be paid.

Companies who have fallen victim to ransomware and lost data due to a lack of appropriate security measures and/or backup, must re-assess their overall data protection policies and take the relevant prevention measures.

Ransom attacks are the perfect crime because the cyber-criminals often ’win,’ and the anonymity makes it nearly impossible for authorities to track down the perpetrators, so instead of being intercepted and stopped, they move on in search of more potential victims.

One thing we know for certain is that the attacks will continue and will evolve as companies learn to combat them. Businesses can no longer afford to sit back and hope that they will be the lucky ones to avoid attack. Data is a highly sought-after asset, and its safeguarding must be of the utmost importance to businesses that wish to succeed in an increasingly threatening cyber landscape.

Florian Malecki, International Product Marketing Sr. Director, StorageCraft

Read More

Leave A Comment

More News

Latest ITProPortal news

Redefining the term engineer in the workplace. 2019-07-01 05:00:10Lots of people have 'engineer' in their job title, but what is engineering?

The predictive art of retention – using data 2019-07-01 04:30:34As the number of people voluntarily leaving their job roles continues to rise, it is now harder than ever to attract and retain talent. More companies

Vital points to consider while choosing the platform 2019-07-01 04:00:27Selecting the best platform for your website is an absolute requirement for your business, but choosing the right platform isn’t that easy.

Modernising mission critical communications 2019-07-01 04:00:18The modernisation of mission critical communications with intelligent push-to-talk broadband solutions.

Wi-Fi 6 vs. 5G: Key advantages for businesses 2019-06-28 07:00:222019 will be a landmark year for wireless connectivity and the Internet of Things (IoT), with the launches of Wi-Fi 6 and 5G making headlines across t

Why UK government organisations are a key target 2019-06-28 06:30:44Why aren’t government organisations doing more to protect their systems, the services they manage and the citizens they serve?

Somerville bans facial recognition in public 2019-06-28 06:30:30After San Francisco comes Somerville, and after that - possibly Oakland

Russia's Google breached, users spied upon 2019-06-28 06:00:29Yandex says the attack was spotted at an early stage

Boards have woken up to the value of 2019-06-28 06:00:01Security is now a priority for boards but managing security is as complex as ever.

Seven reasons asset compliance blows-up 2019-06-28 05:30:32How TAM can help businesses stay compliant and avoid the most common pitfalls.

GDPR one year on: where do we stand? 2019-06-28 05:00:24As we pass the GDPR one-year anniversary, how has the data landscape changed?

Best practices for preventing and recovering from a 2019-06-28 04:00:29How to defend and recover from ransomware attacks.

TechRadar: Internet news

Women's Ashes live stream: how to watch England 2019-07-18 04:49:052019's epic England vs Australia cricket battle continues - can England strike back? Get a 2019 Women's Ashes live stream from anywhere on Earth.

Stage 12 Tour de France live stream: how 2019-07-18 04:43:05After a day on the flat, Le Tour riders head back to the mountains. Don't miss Stage 12 with this 2019 Tour de France live stream info.

iPhone 11, iPhone 11 Max and iPhone XR 2019-07-18 04:37:22This is potentially our best look at Apple's new iPhones so far, as case test models appear in a hands on video.

The Open 2019 live stream: how to watch 2019-07-18 04:19:34The players are on the course for the 148th Open Championship. Watch the golf with a 2019 Open live stream from anywhere on Earth.

Best translation software of 2019 2019-07-18 03:32:35Expanding into new global markets? Time to take your websites and software with you.

Dell's Black Friday in July deals are back 2019-07-18 02:01:37More Mega Deals hit the internet for Dell's Black Friday in July event.

Best cheap smartphones in Australia for 2019 2019-07-18 01:33:28Looking for a new mobile but want value for money? These smartphones offer a lot of bang for your buck.

Samsung Galaxy Tab S6 leak offers more proof 2019-07-17 21:32:12Official renders have leaked for Samsung's upcoming pro-tablet showing dual cameras and divisive rear-mounted S Pen.

Firefox will soon alert users if their saved 2019-07-17 21:21:21Mozilla is working on updating Firefox's security to integrate Lockwise password management with its Monitor tool.

Instagram is now hiding like counts in Australia, 2019-07-17 20:25:44Instagram seems to be nudging users to appreciate posts based on merit, not on how popular they are.

Microsoft Surface Pro 7: what we want to 2019-07-17 17:56:21The Microsoft Surface Pro 6 is already a great device, but what could Microsoft do with the Surface Pro 7?

macOS Catalina: macOS 10.15 release date, news and 2019-07-17 17:39:56Apple has announced macOS Catalina, the name for its macOS 10.15 release later this year. Here's everything we know.

TechCrunch » Enterprise

Investor Jocelyn Goldfein to join us on AI 2019-07-18 13:00:37Artificial intelligence is quickly becoming a foundational technology for enterprise software development and startups have begun addressing a variety

InCountry raises $15M for its cloud-based private data 2019-07-18 12:36:08The rise of data breaches, along with an expanding raft of regulations (now numbering 80 different regional regimes, and growing) have thrust data pro

VComply raises $2.5 million seed round led by 2019-07-18 09:00:47Risk and compliance management platform VComply announced today that it has picked up a $2.5 million seed round led by Accel Partners for its internat

Intel announces deep, multi-year partnership with SAP 2019-07-18 08:29:38Intel announced a deep partnership with SAP today around using advanced Intel technology to optimize SAP software tools. Specifically, the company pla

Southeast Asian cloud communications platform Wavecell acquired by 2019-07-17 23:03:49Wavecell, a cloud-communications platform for companies in Southeast Asia, announced today that it has been acquired by 8×8 in a deal worth abou

AT&T signs $2 billion cloud deal with Microsoft 2019-07-17 12:24:13While AWS leads the cloud infrastructure market by a wide margin, Microsoft isn’t doing too badly, ensconced firmly in second place, the only ot

ClassPass introduces a corporate wellness program 2019-07-17 10:24:28ClassPass has set up yet another revenue stream, signing to a corporate wellness program partners like Facebook, Glossier, Google, Morgan Stanley, Und

Dust Identity secures $10M Series A to identify 2019-07-17 10:03:30The idea behind Dust Identity was originally born in an MIT lab where the founders developed the base technology for uniquely identifying objects usin

Stonly lets you create interactive step-by-step guides to 2019-07-17 07:01:28French startup Stonly wants to empower users so that they can solve their issues by themselves. Instead of relying on customer support agents, Stonly

AlphaSense, a search engine for analysis and business 2019-07-17 06:10:14Google and its flagship search portal opened the door to the possibilities of how to build a business empire on the back of organising and navigating

ContractPodAi scores $55M for its ‘AI-powered’ contract management 2019-07-17 04:00:36ContractPodAi, a London-based startup that has developed what it describes as AI-powered contract lifecycle management software, is disclosing $55 mil

Qualtrics’ Julie Larson-Green will talk experience management at 2019-07-16 12:00:57We’re less than two months out from our first TC Sessions: Enterprise event, which is happening in San Francisco on September 5, and did you kno

Digital Trends

Best air conditioner deals: LG, TCL, and Frigidaire New! 2019-07-18 19:39:30We’re well into summer, but the hottest days are yet to come. Here are a few air conditioner deals available online right now for both portable

Walmart slashes prices on Xbox One, Sony PS4, New! 2019-07-18 19:35:37If you're in the market for a new Xbox One, Sony PS4, or Nintendo Switch games, there are quite a few Walmart discounts to choose from right now. Thi

Beats Solo3 wireless headphones still $140 off on New! 2019-07-18 19:30:58While Prime Day may have ended, Amazon has extended some deals for a few days. Wireless headphones are a popular purchase, and now on Amazon, the matt

Walmart’s Prime Day Nintendo Switch bundle deal is New! 2019-07-18 19:15:01The best bet for anyone looking to get their hands on Nintendo's latest console is to grab one of the bundle deals that pop up from time to time, and

The best free TV show episodes on YouTube New! 2019-07-18 19:05:33TV networks have made a habit of putting episodes from popular series on YouTube for free. From premium platforms like Showtime to experimental newcom

Marvel’s Avengers single-player campaign, customization make splash at New! 2019-07-18 19:00:58Marvel Entertainment is the belle of the ball at San Diego Comic-Con, as the company hosted a panel dedicated to the efforts being made to bring its p

Beat the summer heat: Walmart cuts 51% off New! 2019-07-18 19:00:28This is a perfect moment to get your own air conditioning as Walmart slashed the price of Honeywell CO25AE Portable Evaporative Air Cooler by over 50%

Stranger Things season 4: Here’s everything we know New! 2019-07-18 18:51:30After three wildly successful seasons of Stranger Things, everyone wants to know where Netflix will take the gang in season 4. Here's everything we k

Life after launch: Inside the massive effort to New! 2019-07-18 18:27:09The Apollo 11 mission put a man on the moon, but NASA didn’t necessarily preserve every step of the process. Researchers are trying to rescue th

Change from within: How the CTA could bring New! 2019-07-18 18:09:23With a sea of white, male faces as homogeneous as Wonder Bread, tech has an inclusivity problem -- and the trade group behind CES has answers. This we

Don’t miss these incredible Samsung 4K TV, QLED New! 2019-07-18 18:02:04Amazon Prime Day may be over, but Samsung's Black Friday in July sale is just heating up — and with discounts on QLED 4K TVs, 8K TVs, and sound

Digital Trends Live: Netflix loses subscribers, Uber’s in-car New! 2019-07-18 17:37:23On this episode of DT Live, we take a look at the biggest trending stories in tech, including Netflix’s subscriber loss, Uber’s in-car sho

Disclaimer and Notice:WorldProNews.com is not responsible of these news or any information published on this website.