Backups against ransomware | Pentest7

Backups gegen Ransomware

A modern data protection with backup is often the last bastion that protects companies from inability to act and massive losses, both financially and in terms of reputation, explains Matthias Frühauf, Regional Vice President Germany at Veeam Software, in a guest article.

Blackmail is a profitable business and companies are challenged in the fight against ransomware like never before. Because of the steadily increasing number of attacks and the increasingly sophisticated phishing methods, which are the spearhead of every infection, it is important to make the infrastructure resilient. At the same time, ever larger parts of their own workforce are making use of remote work. The question is no longer just: What is the best way to prevent infection with ransomware? rather: How do you act in an emergency? The answer is obvious: with a good backup strategy.

Follow the rule of thumb

Backups make it possible to restore the data encrypted by the attackers without paying a ransom, thus minimizing downtime. This also quickly restores the ability of the parties concerned to act.

In order to ideally set up your own backups, there is a rule of thumb that must be observed: the 3-2-1 rule. Each backup should be saved in triplicate, across at least two media, and one of the copies must be kept off-site. In addition, this rule should be expanded by two points in order to be optimally protected against ransomware. One of the copies should be saved unchangeably by means of file attributes in order to be able to withstand attempted encryption. In addition, regular tests must ensure that no errors occur when restoring the corresponding backup. Because even the most comprehensive backup does not help in an emergency if the corresponding restoration cannot succeed properly. This extends the rule of thumb to the 3-2-1-1-0 rule.

The dangers of ransomware

Ransomware now often uses double or even triple blackmail. Not only are files encrypted, but some important ones previously stolen and published as leverage (twice) – or there is threat of publication – and for a short time customers, partners or patients have also been blackmailed (three times) as another party. In such cases, the companies suffer serious damage to their good reputation and the trust of partners and customers is shaken. It is difficult to regain this; sometimes it has even been irretrievably lost. That is the reason why entrepreneurs not only have to take measures to ward off a ransomware attack, but should also be prepared for the emergency of a successful infection. This is exactly where modern data security concepts come into play and help to protect sensitive data even after a network break-in. It does not matter whether they are in a data center, in a cloud, in a hybrid mixture or in different containers. Backups always ensure that an emergency does not turn into a catastrophe.

Leave a Reply

Your email address will not be published.