Ransomware attacks are on the rise and as a result, so are downtime costs for businesses — by 200% year-over-year, to be exact. And that’s why businesses need to know how to recover their data quickly and efficiently. Data recovery strategies must include safeguards against malware attacks like ransomware.
In this article, we’ll cover what your business should and shouldn’t do when it comes to recovering your data after a ransomware attacks in a way that decreases data loss and downtime costs. We will include sensible measures you should take to prevent malware attacks. Also, in the unhappy event your system is taken down by malware, there are steps you can take to prevent its spread and get your system back to normal.
Before we begin…
Everyone knows the value of backing up your system. You have backups in place, right? Consider this: if your backup devices are connected up to your system and you are hit by a ransomware attack, your backups won’t work. Ransomware seeks out backup devices connected to your network and encrypts those files as well. To avoid infection, those backup storage devices must be isolated from your network. You need a backup strategy that uses offsite cloud storage — like NexProtect — and at least one set of current backups offline, isolated and protected against ransomware. If you have a backup set offline locked away for emergency use, your recovery after a ransomware attack will be easier. As we shall see, if both your system and backup files are locked, you stand to lose data and may be forced to pay the ransom to free up your system.What to do before the attack…
Include a malware response plan as part of your business disaster recovery planning. You need to answer these questions:- What aspects of your business must you recover immediately to stay in business?
- What are your important products/services and how will they be impacted by a ransomware attack?
- During an emergency, what amount of ‘downtime’ is acceptable, e.g. how long can you go without automated customer call centres, access to business records and processes, etc.?
- Are the costs of downtime equal to or greater than the cost of having to pay the ransom?
FREE Laptop Backup Software — Protect your remote workers from ransomware today >>
Take measures to prevent ransomware
Know your enemy and how it sneaks into your system. Malware relies both on human and machine agents. Cyber criminals rely on social engineering and deception to trick individuals into giving up information that opens the front door to malware attacks. Email phishing, social media image traps, and instant messaging are powerful vehicles to contaminate your device and spread it to your friends. You can do your part in defeating a ransomware attack by:- Using anti-malware software like Norton and McAfee to block known payloads from launching.
- Installing the latest security updates for your OS and applications. Always “Patch Early and Patch Often” in order to repair vulnerabilities in browsers, web plugins, and operating systems.
- Practising cyber hygiene, such as using caution to prevent phishing attacks. Segmenting your networks to isolate critical computers and stop the spread of malware in case of attack. This includes shutting down unnecessary network sharing.
- Restricting admin rights to only those users who require them — give everyone else the lowest system permissions required to do their work.
- Restricting write permissions on file servers, to the extent possible.
- Educating yourself on the best practices necessary to keep malware out of your system. Keep up with the latest email phishing scams and news by subscribing to cybersecurity newsletters.
- Making frequent backups and isolating them from local networks and away from any potentially infected computer. Again, data backup and recovery is by far the most effective solution in reacting to a successful ransomware attack.