Facing the threat of cyberattacks: how does your disaster recovery solution stack up?

It’s a message every IT manager dreads.

‘Your personal files are encrypted by CTB-Locker. To decrypt the files, you need to pay 3 bitcoin.’

Yet, unfortunately, getting locked out of your company’s own data – and then being expected to pay a ransom to get it back – is becoming more common as cybercriminals get craftier. Like pesky bed bugs that have become immune to deterrents, ransomware attacks such as CryptoLocker, CryptoWall, Locky, TorrentLocker and Virlock are constantly evolving to sneak past all the new defences that IT security experts are busy building up.

According to a 2017 Veeam poll, nearly 46% of companies have experienced a ransomware incident in the past two years, of these, 91% had data that was encrypted. Other research predicts that the cost of data breaches is expected to reach $2.1 trillion globally by 2019, in line with the growing trend for companies to digitise an increasing amount data.

Unless you’ve got a rock-solid availability strategy in place, you face two difficult options: pay the ransom or say goodbye to the data. For companies in some industries, the cost of not getting your data back is too great to ignore. Recently, a hospital in the US paid about $60,000 in the cybercriminal currency of choice, bitcoin. The hospital didn’t want to risk waiting for the FBI’s cybercrime task force to unscramble the encrypted patient data.

Yet for others, the idea of paying to get their data back is unacceptable. Paying the ransom perpetuates the problem, with the money going straight to the criminal underworld to fuel more cybercrime. So what can you do about it?

Building up internal defences

It goes without saying that system administrators should be adopting best practice security measures to prevent cyberattacks. In an era of BYOD and remote users, this gets challenging – but it’s about securing and segmenting end-points, controlling access and having clear knowledge of where all data points reside.

It’s also about educating employees about safe practices online. All it takes is for one employee to open a rogue attachment in an email for malware to potentially invade your entire system.

But, let’s face it, even with the most rock-solid defences in place, there is still a very real risk that you will be hit with a cyberattack at some point. But what we’re seeing is that while most companies may feel confident they could recover their data quickly with low impact on their business, the reality is it is probably unlikely.

If you don’t want to pay cybercriminals a ransom to get your data back – or face costly delays and reputation damage while you scramble to get the data back yourself – then you need to change the way you approach disaster recovery.

Use the 3-2-1-1-0 rule

The 3-2-1 rule for disaster recovery is timeless, and most system administrators would be well aware of it. This rule states that you should have:

  • At least three copies of your data
  • Stored on two different media
  • With one backup copy offsite

The 3-2-1 rule gets you out of most data-loss problems, including many ransomware attacks. But sometimes, even offsite backup copies are not enough. Even though online backups are offsite, they can still be encrypted or even purged by hackers who have managed to infiltrate the network – which means you’ve lost everything. This risk can be reduced by leveraging VM replication or storage snapshots but these are still considered online.

That’s why we now recommend another ‘1’ – an offline copy on an external drive. Yep, we’re talking old-school tape or rotating hard drives. Any storage device that can be powered off and removed from the network can count. These data repositories do not enable direct data access and are resilient against data propagation, helping you further reduce your risk of data loss.

If tape or external drives sound too old-school then another option is to use Veeam Cloud Connect. This takes backups to a cloud service provider for secure storage and backup. You can send backup data automatically and set a timeframe for how long you store backup files before they are deleted. Cleverly, these deleted files are housed in a ‘recycle bin’ where they can’t be touched or deleted for a set period of time. This recycle bin offers insider protection to help prevent even determined hackers or malicious employees from destroying backups.

The ‘0’ part of the backup rule concerns validating your backups, when using an availability solution such as ‘Veeam Availability Suite’, it’s very easy to verify your backups are error free and recoverable. In the past, this was an intensive and manual process, meaning many businesses never checked there backups but a solution like Veeam has the capacity to automatically validate backups using ‘SureBackup’, powering up a VM backup and assessing it in an automated and repeatable fashion. This gives you the confidence that your system can stand up to whatever malware is thrown at it.


Keep the end goal in sight

The end goal in any disaster recovery strategy is to get data back quickly and in good order. Data backups must remain immune to infection from malware even when all your other systems are struck down. Then, those backups must be easily accessible for the right people so that, in the instance of an attack, you’re not held back by unnecessary downtime.

It’s all possible – it just takes a little thinking to outsmart the cybercriminals.

Tags: Availability, Cybersecurity, Ransomware, Security, Veeam



Why would you deploy SASE?
If Secure Access Software Edge (SASE) with Cisco Meraki is the destination, what does the journey to get there look like?

Firstly, let’s set the scene. The term SASE was first mentioned by Gartner Analysts in July 2019 and Gartner continues…

Data#3 named (HPE) Platinum Partner of the Year and Aruba GreenLake Partner of the Year
Data#3 enjoys double scoops at HPE/Aruba awards night

December 08, 2022; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, is proud to announce that it has…

Azure BaaS
Protecting Data in a Cloud World: Will Backup as a Service be what Keeps Your Business Online Through a Crisis?

Very few organisations could run in a technology-free environment, so naturally, strong IT departments put considerable effort into business continuity…

Azure Site Recovery
Beyond Backup: The Role of Azure Site Recovery in Business Continuity

In the first of our Azure Backup blog series, we discussed the value of data, and the critical importance…

Delivering the Digital Future, Securely – for Western Australia
Delivering the Digital Future, Securely – for Western Australia

Data#3, proudly sponsored by Cisco, Microsoft and Palo Alto Networks, are pleased to present to you: Delivering the Digital Future,…

K-12 Video Period
Securing the school network amidst escalating threats

Security threats are now a routine problem for increasingly connected education institutions. The good news is that a new generation…

Protecting Data in a Cloud World: What You Need to Know About Azure Backup

Welcome to part 1 of our 3-part blog series, exploring data protection options and considerations for when you’re operating in…

The Southport School Revisited
The Southport School: Four Years On

How have their investments in wireless networking and security paid off after four years? Download Customer…