The global ransomware outbreak in 2017 caught a lot of public attention and the frequent media coverage has helped create awareness on the dangers of ransomware. For many organisations, it became a wakeup call for them to place more focus and resources into protecting their digital assets in light of the rising high-profile attacks that we have seen over the past couple of years.
However, various stats would show that the threat of ransomware, although it may have dropped, of letting up.
What is it about ransomware that makes it so popular among cybercriminals?
There are several factors why that’s the case. The most obvious one is how easy it is to implement, promising high returns with little repercussions. Criminals are able to release ransomware packages that are equipped with the ability to self-propagate to the world once and just wait for the money to roll in. It’s a profitable “business” to these criminals. The fact that victims are giving in to their demands and paying ransom have only made matters worse and encourage future attacks.
In many cases, ransomware attacks are triggered by users inadvertently clicking on a harmless looking link or malware laden email. In that sense, ransomware attacks are often targeting what’s seen as the weakest link in the cybersecurity chain – people. And despite all the media attention and warnings, many organisations have failed to educate their staff or take even the most rudimentary security precautions, such as updating their systems or backing up their valuable data, thereby leaving themselves vulnerable and open to ransomware and other forms of cyber attacks.
An ESG (Enterprise Strategy Group) white paper on ransomware mitigation stated that in order to fend off such attacks, what’s needed are best practices and tools to prevent or at least mitigate the attacks. And in cases where they are infected by ransomware, they need to recover reliably and get back up and running as quickly as possible.
The paper also likened ransomware attacks to “logical disasters”, not unlike data corruption events or hard drive failure – the only difference being what causes the disaster as well as the type of effort needed to stop it. Application downtime, system unavailability and data loss bring devastating effects in today’s fast-paced, always connected, data-centric world and businesses have very little tolerance for downtime.
Therefore, beyond the strengthening of cyber defence capabilities, reliable backup and recovery is also a vital piece of the puzzle, with ESG recommending organisations to adopt “systematic and resilient IT measures and best practices leveraging robust data protection infrastructures”.
As enterprise data is now commonly dispersed across multiple locations, on-premises and in the cloud, it’s becoming ever more important that businesses employ a data protection platform that can offer data availability no matter where the data lives. Some of the best solutions out there are able to help businesses to quickly recover infected or encrypted data and restore systems affected by ransomware.
To read the full content of the ESG white paper, which explores some of the top ransomware-related concerns facing today’s IT decision makers, top IT “meta-trends” for 2018, as well as recommendations on how companies can optimise their data and systems availability to rapidly recover from malicious attacks, click here