How to Protect Backups Against Ransomware Attacks
Almost everything we do nowadays gets digitalized for the purpose of easy storage and accessibility. Whether it's a private person's projects stored on their own PC, or a huge list of employees, schedules, goods and services owned by a company, nearly every piece of information that's relevant to someone gets the same treatment – it gets turned into data and uploaded into cyberspace. This is why it's not an overstatement to say that getting locked away from that data by being hit with a nasty piece of ransomware is could turn out to be a real catastrophe.
This is especially true when it happens to a person or company that relies heavily on IT to operate its day to day activities – and in this day and age, what company doesn't? The bottom line here is that this is a threat that people should be aware of and needs to be taken seriously. Why?
Cyber-attacks, especially ransomware, has only gotten more sophisticated over the years, and while cybersecurity experts have done excellent work identifying and neutralizing a vast amount of threats, the criminals and crime outfits behind such malicious attacks are still numerous and ingenious.
They have outgrown their initial sloppy attempts at ransomware from a long time ago and have perfected methods to make absolutely sure that their victims have no recourse but to comply with their demands once they get their grubby fingers on the victim's data. To this end, once it gets in, ransomware usually deletes shadow volume copies and disables other methods that may have been put into place with the goal of recovering lost data. Some specifically attack servers and try to infect as many linked machines as possible, not only as a way of propagating but to ensure that the victim has no other recourse but to comply with the criminals' demands.
So what can you do to ensure that you don't fall prey to a devastating ransomware attack?
Well, aside from overall tightening your cyber-security, educating the people that interact with your IT systems on the subject of cyberthreats and employing adequate anti-malware solutions, there is another, crucial step that you should consider.
Backups are what turn a malicious attack from an absolute disaster that can ruin your company or cost you your irreplaceable personal data, into a nuisance that will set you back a couple of hours in your work. Originally designed to prevent data loss due to system or hardware failure, they are now an inbuilt feature in many IT systems. However, as we mentioned above, since cybercriminals are wise to this feature, they now attack and disable it, before setting out to do their other dirty work. So how can this be fixed?
The answer is surprisingly simple. Just put more backup systems in place – the more and more varied they are, the safer your precious data will be. Understandably, regular backups on multiple systems may look like just another couple of extra hoops that you need to jump through, just to be able to function – but in a pinch, the benefits of this type of maintenance outweigh whatever resource costs may have been incurred immeasurably.
But how much should you back up, exactly?
The now popular "3-2-1" rule states that in order to have the minimum amount of security for your data, you need to have three different copies of your data, on two different media, one of which is off-site. This is the bare minimum that ensures that you have recourse, even in the direst situation – and what situation can be more grievous than losing all your locally stored data encrypted and placed at the mercy of some cyber crook? The exact nature of the media and the details concerning the off-site service that you need to employ, is, of course, up to you. It should be chosen based on your personal preferences and needs – and naturally, you can add extra layers of protection as you see fit. However, it is crucial to keep the "3-2-1" rule in mind, as a bare minimum of backup necessary to keep your data safe from all sort of data-loss related disaster in general, and ransomware attacks in particular.