Nearly every organization has by now experienced a ransomware attack. According to the 2022 Veeam Data Protection Trends Report, 76% of organizations were attacked by ransomware in 2021, more than half (51%) suffered ransomware-related outages and more than a third of data (36%) was unrecoverable after a successful attack.
And while companies should take every feasible measure they can to secure their systems against a ransomware attack, the sad reality is that cybercriminals only have to find a single vulnerability to exploit to succeed, and vulnerabilities are not in short supply.
Vulnerabilities Can Go Unnoticed
Earlier this year, the PwnKit vulnerability was discovered by Qualsys. This memory corruption vulnerability was found in a tool that’s included in nearly every Linux distribution, and exploiting it allows any unprivileged user to gain admin privileges. Once an attacker achieves that, just about any kind of attack is possible.
The real kicker? It appears that this vulnerability has existed, undetected by security researchers, since 2009!
Strong Backup and Disaster Recovery Plans Are Essential
Knowing that attacks are eminent, and can have long lasting damage, having a strong backup and disaster recovery strategy is critical. Certainly, you have backups. Every sensible business today does. The question, though, is not whether your data is backed up, but rather whether it can be recovered in a timely manner. Plus, you need to ensure that the backups and replicas, themselves, are protected from ransomware attack.
Make a Plan for Recovery
Let’s say you suffer from a massive ransomware attack that encrypts a significant amount of your data. While everyone would like to be able to recover it all in a matter of minutes, it costs far too much to have all data on such a tight RTO (recovery time objective). Instead, IT and business managers need to work together to determine what the organization’s tolerance is for downtime for each workload. If you rely on e-commerce for most of your revenue, for instance, getting that site and all the back-end systems that support it up and running should be a very high priority. The business can probably wait a while, however, to recover records of financial transactions from five years ago.
As you tier out applications and data according to their RTOs, make sure to take dependencies into account. You don’t want to spin up a critical application in minutes only to find that it can’t run because a system it needs to run will require many hours to recover.
Finally, once you understand each workload’s RTO tolerance, match it with a medium that will enable you to recover it in the time required. Then, practice the plan. Rehearse it so that, if the day comes that you’ll need to recover from a massive ransomware attack, there won’t be any unfortunate surprises.
Working with Disaster Recovery Specialists
Needless to say, disaster recovery is a complex task. Understanding dependencies, tiering out workloads according to downtime tolerance and then matching them with technologies and services that, themselves, are protected from attack requires a great deal of expertise to do well.
That’s why SMBs are increasingly turning to experts like CyberFortress to help them build and execute on a backup and DR strategy, as well as ongoing maintenance and recovery services. Backup is no longer a generalist’s game.
CyberFortress is also a Veeam Platinum Partner, so we know their technology backwards and forwards. With Veeam’s world-class backup and DR solutions and CyberFortress expertise as a service provider, companies can ensure that they’re protected from whatever ransomware may throw at them.