Ransomware attack: Recovery after falling victim
Ransomware is a form of cybercrime that has been around for a number of years; however, the threat level is increasing and there are signs that the cybercriminals’ strategy is becoming more refined.
In year-on-year figures for 2014-15 and 2015-16 from IT security experts Kaspersky, crypto ransomware attacks, which locks up data and renders it inaccessible without the cryptographic key, were shown to have increased more than five-fold. Data analysis also show the rate at which UK companies are falling victim is almost 20% higher than the global average.
This indicates UK businesses are either being more closely targeted by internet criminal gangs or have insufficient IT security capability. Whatever, the reason, UK companies face a greater likelihood of falling victim to an attack. Consequently, it is essential your company has the capability to recover from a ransomware attack without having to pay cybercriminals to provide the cryptographic key to unlock the data.
Recovery from a ransomware attack
Although prevention is better than cure, prevention doesn’t always work, especially when it comes to defending criminal enterprise. Having the right prevention countermeasures in place is essential because the disruption to business following an attack may be severe.
To be clear, Paralogic doesn’t endorse paying ransomware demands. However, many have opted to pay cybercriminal ransom demands, especially when the sum in question doesn’t break the bank and can be explained away as incidental minor expenses without a cost centre. However, criminals are now being more targeted in their approach and demanding larger amounts. It may be impossible to pay without damaging company finances and/or being able to lose it on the P&L.
Clearly, the best policy is to be in a position to refuse to pay and then invoke a Disaster Recovery (DR) and Business Continuity (BC) plan.
How to be in a position to recover from a ransomware attack
The ransomware attack renders data and systems unusable because it cryptographically encodes data. It is unfeasible to crack the codes and the only way to return to normal business operations with as little damage as possible is to restore systems and data from backups quickly.
Designing a backup scheme and choosing an appropriate solution for executing your DR and BC plan means you need to understand:
- Recovery Point Objective (RPO)
- How much work (or changed data) you can afford to lose
- Recovery Time Objective (RTO)
- How long you can tolerate systems and data being offline
Be in a position to refuse to pay and recover from a ransomware attack with Paralogic
Paralogic helps smaller, expanding and mid-sized businesses to have the capability to recover from a ransomware attack. Human behaviour and brand new zero-day attacks mean it is impossible to guarantee 100% the success of preventative countermeasures. We ensure you have the right backup solution in place so that your DR and BC plan effectively delivers the RPO and RTO to get your business operational again.
We help over 1000 businesses to get more out of their investment in business technology. To find out more about how we can help you to recover from a ransomware attack simply get in touch today.
Do you want some free, Strategic IT support?
Get started with a free one hour IT consultation. Discover the latest technology and discuss your current and future IT requirements.Talk to us ›