What is Ransomware
More and more companies are falling prey to purveyors of ransomware, a virus that attacks computers and literally holds them to ransom. This virus locks users out of their machines and demand payment to unlock them. Large organisations are able to invest heavily in multi-layered cyber security and thus their risk is usually minimised. It is most often the smaller companies with single servers who suffer the most losses.
So what can be done?
Ransomware is essentially a type of malware that infects a computer when the user unsuspectingly clicks on a link, downloading the virus which then sets about encrypting files and systems, rendering them inaccessible. Users who try to open a file will usually receive a message stating that the file needs to be decrypted. They then receive a message or text file detailing how to go about unlocking the data and who to call to do so. Essentially, the message requests a payment in exchange for the decryption key, effectively holding the user’s machine to ransom.
Although most companies have firewalls and antivirus systems that protect them from direct attacks, this virus is not overtly malicious. It targets individual browsers through careful placement in seemingly innocent adverts or attached to direct emails. The “invited” virus can then spread from the affected computer to any system it connects to, extending infection to any backup systems, company servers and even other connected machines.
Most traditional backup systems make use of an overwrite system, meaning that current data simply copies over the previous backup. Unfortunately, this means that many users upload the virus with their most recent backup, writing over their previous data and rendering it, too, inaccessible. The same goes for typical, public cloud backup that also uses overwrite systems.
What companies need to protect themselves properly against ransomware, is a cloud backup system that doesn’t simply overwrite previous data. Instead, it should keep multiple data records. Data is stored periodically, with multiple, historic copies kept at any given time. What this means is that you can pinpoint when the virus was downloaded. While all backups made since infection will be infected, but you can still go back to that point in time and effectively retrieve all your data from any backup preceding the date of infection, which remains intact.
Backing up is important. But never has it been more important to have multiple historic backup versions than now, when ransomware is becoming more and more prevalent. It is vital that companies invest in a cloud backup system that does just that, protecting their systems and data – and their pockets – from ransomware syndicates and potentially crippling data losses.