Get
Data Recovery Skills or Be “Taken” by Ransomware
Data Recovery Skills or Be “Taken” by Ransomware
By
Chris Gondek, Principal Architect, Commvault
Chris Gondek, Principal Architect, Commvault
Imagine if your data was “taken” but instead of
panicking, you instantly became Liam Neeson from the movie “Taken”. The coolest,
toughest character ever imagined, who dealt with his own ransom situation –
without paying.
panicking, you instantly became Liam Neeson from the movie “Taken”. The coolest,
toughest character ever imagined, who dealt with his own ransom situation –
without paying.
WannaCry; a ransomware campaign with
unprecedented scale, hit around 200,000 systems across 150 countries. Asia is
no exception, with reports of several businesses affected
by the attack.
unprecedented scale, hit around 200,000 systems across 150 countries. Asia is
no exception, with reports of several businesses affected
by the attack.
Ransomware, and other
malicious software, is estimated to cost the Australian economy about $1
billion a year. In Britain, WannaCry has crippled
the health system – with stroke victims unable to undergo
urgent surgery because their scans could not be accessed – and affected other
businesses around the world.
malicious software, is estimated to cost the Australian economy about $1
billion a year. In Britain, WannaCry has crippled
the health system – with stroke victims unable to undergo
urgent surgery because their scans could not be accessed – and affected other
businesses around the world.
When
Ransomware Hits: Three Options for Data Recovery
Ransomware Hits: Three Options for Data Recovery
“Ransomware” is increasingly becoming the
number one cause of data loss for businesses. Software security has become more
resilient to cyber-attacks, but what happens (and it does happen a lot) when
the security systems fail and are bypassed by a simple phishing attack, or a patch
not applied?
number one cause of data loss for businesses. Software security has become more
resilient to cyber-attacks, but what happens (and it does happen a lot) when
the security systems fail and are bypassed by a simple phishing attack, or a patch
not applied?
When ransomware hits your business, you have
three choices:
three choices:
1)
Give
up, cut your losses and start again? For most businesses, this is not really an
option as you can’t just write off potentially business critical data that is
held in the attack. At the same time, you need to bring systems back to a
working condition and often data is key to this
Give
up, cut your losses and start again? For most businesses, this is not really an
option as you can’t just write off potentially business critical data that is
held in the attack. At the same time, you need to bring systems back to a
working condition and often data is key to this
2)
Pay
the ransom!? Who knows, you might get
your data back, and once you have paid, they know who to target again –
repeatedly until the software evolves to become “extortion ware”
Pay
the ransom!? Who knows, you might get
your data back, and once you have paid, they know who to target again –
repeatedly until the software evolves to become “extortion ware”
3)
Channel
your inner Liam Neeson, and tell the ransom-holders that you have a particular
set of skills… skills you have acquired over a very long career… skills that
make you a nightmare for data extortionists
Channel
your inner Liam Neeson, and tell the ransom-holders that you have a particular
set of skills… skills you have acquired over a very long career… skills that
make you a nightmare for data extortionists
Be Cool:
Use Your Data Recovery Skills
Use Your Data Recovery Skills
Those skills, are data recovery skills. The
only way businesses can ignore any Ransomware is to immediately recover from
data backup, and I do make emphasis on immediately.
only way businesses can ignore any Ransomware is to immediately recover from
data backup, and I do make emphasis on immediately.
Cyber-attacks
are becoming increasingly more sophisticated and while an attack cannot always
be avoided, there are steps you can put in place to mitigate the effects of
attacks. You can have processes in place to minimise customer impact and the
organisation’s own brand and reputation.
are becoming increasingly more sophisticated and while an attack cannot always
be avoided, there are steps you can put in place to mitigate the effects of
attacks. You can have processes in place to minimise customer impact and the
organisation’s own brand and reputation.
For example, achievable Recovery Time
Objectives (RTO). RTO refers to the time it takes a business to restore data
once disaster has struck, including bringing your systems back to normal. It
may seem straight forward on the surface but to be able to perform quick data recovery,
you need to have a powerful data protection solution and an understood and
agreed service level in place.
Objectives (RTO). RTO refers to the time it takes a business to restore data
once disaster has struck, including bringing your systems back to normal. It
may seem straight forward on the surface but to be able to perform quick data recovery,
you need to have a powerful data protection solution and an understood and
agreed service level in place.
Data Recovery Needs Speed
and Automation
and Automation
To
recover from a ransomware attack, you need to have deployed – and managed –
data backup. Being able to backup databases, files, applications, endpoints and
VMs according to data type and recovery profile is critical to a speedy
recovery.
recover from a ransomware attack, you need to have deployed – and managed –
data backup. Being able to backup databases, files, applications, endpoints and
VMs according to data type and recovery profile is critical to a speedy
recovery.
In
addition, organisations who employ good data management will know where the
data lives – across public or private cloud(s), on-premises or co-lo sites –
and will have specific data backups and processes in place to protect it. As a
result, when an emergency hits, data recovery is fast and automated.
addition, organisations who employ good data management will know where the
data lives – across public or private cloud(s), on-premises or co-lo sites –
and will have specific data backups and processes in place to protect it. As a
result, when an emergency hits, data recovery is fast and automated.
Today,
businesses seem to be focused on their security rather than recoverability.
Whilst security is critical to every organisation across the globe, we cannot
forget that an attacker only has to get lucky once. With data being the
heartbeat of businesses today, being able to prevent loss and recover, should
be mission critical.
businesses seem to be focused on their security rather than recoverability.
Whilst security is critical to every organisation across the globe, we cannot
forget that an attacker only has to get lucky once. With data being the
heartbeat of businesses today, being able to prevent loss and recover, should
be mission critical.
The
only true way to be completely confident in the face of this new threat, is the
Liam Neeson way, have those data recovery skills. When you know data management
– and adhere to good data practices – you make yourself a nightmare to the
ransomware creators, affectively rendering themselves useless.
only true way to be completely confident in the face of this new threat, is the
Liam Neeson way, have those data recovery skills. When you know data management
– and adhere to good data practices – you make yourself a nightmare to the
ransomware creators, affectively rendering themselves useless.
For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!
