Page 57 - Cyber Warnings
P. 57
How good is your backup?
Ideally, the crypto ransomware epidemic shouldn’t be much of an issue these days. Cost-
efficient or even free data backup services have become available to the public over time.
Indeed, it’s now easier and cheaper than ever before for enterprises and consumers to have a
viable plan B in case of a ransomware compromise or critical hardware failure.
Despite this fact, end users’ sensitive information is still a low-hanging fruit in the face of
ransomware attacks.
Furthermore, hospitals, police departments, transportation companies and other organizations
keep losing their data due to weak incident response practices that do not revolve around
dependable data backup techniques.
The FBI provides alarming statistics in this regard: consumers and companies in the United
States alone paid over $209 million in ransoms in the first quarter of 2016. That’s a huge
amount and a drastic increase compared to $25 million lost during the whole previous year.
But why are backups failing to safeguard data against ransomware? Money is part of the
answer.
In pursuit of reducing their IT spending, some companies don’t create reserve copies of all their
important files or don’t perform backups as frequently as they should.
Some organizations maintain comprehensive backups but don’t test them properly, so it turns
out they are unable to restore the information in case of emergency.
Another mistake is to store backups on network drives since high-profile ransomware targets
these repositories along with local drives.
How many backups will do the trick?
Being a little paranoid is probably a good thing when it comes to data backups. Owing to
relatively inexpensive cloud storage and specially crafted solutions, organizations can afford to
keep a large volume of their proprietary information in a safe place.
The trade-off between cost and protection isn’t nearly as relevant now in 2017 as it was a
decade ago. IT executives should run backups often enough to make sure the latest versions of
important files can be restored when necessary.
Another facet of the problem is that backing up valuable files alone might not suffice. It may also
be mandatory to roll back entire workstations to their earlier healthy state.
The San Francisco Municipal Transit Agency (SF Muni) hack as of late November 2016
demonstrated how important it is to keep critical computers backed up.
57 Cyber Warnings E-Magazine – March 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide