Posted by Geraldine Hunt on Thu, Mar 30th, 2017

March 31 is World Backup Day, an annual reminder that data needs to be protected from things like ransomware, malware, hardware failures, and of course human error. It’s a simple concept, but one that is often overlooked: data can be lost very quickly, without any alert  it’s missing or inaccessible. Despite the importance and sensitive nature of much company data, many companies don’t have a comprehensive backup strategy in place.

There are many ways to lose your companys data, here are the top :

1. Hardware failure
2. Loss or theft of a device
3. Ransomware
4. Software errors
5. Problems you may encounter when upgrading or updating your software

Let’s take a closer look at No.3 Ransomware!

Ransomware is a malware that prevents users from accessing their system or data often by locking files unless a ransom is paid. There are many variations each of which operate slightly differently with the common factor that the user is requested to pay a ransomware  to release data or access.  The ransom price varys depending on the variant, most ransomware operators commonly specify ransom payments in bitcoins.

Unfortunately several new ransomware variants have already been unveiled in 2017, continuing the  legacy of 2016 which  saw ransomware revenues topping the $1 billion mark. New strains of the malicious malware entitled Popcorn Time and Spora were identified in January. Ransomware creators continue to integrate innovations into their malware  - see how these new variants operate here.  As usual, your best defence is to prevent infection in first place, check out these 11 things to do to decrease chances of a malware infection. 

Ransomware Protection: Why the 3-2-1 Backup Strategy Works

Ransomware has caused a lot of damage to networks across the globe.  To protect your data and recover from ransomware you need to have dependable worry-free backup which is what the 3-2-1 Backup approach is all about.  There are a number of security tools that can allow you protect your users and data from ransomware. 

These include:

• Spam filtering to protect users from phishing, embedded links and attachments embedded with malicious code
• Web filtering to prevent users accessing websites that serve as download hub for malware
• Reputable anti-virus and anti-malware protection on endpoint devices
• Regular updating and patching on all of your devices
• Gateway antivirus which scans all active internet sessions and strips packets of malware infected code
• Disabling the remote desktop protocol on any computers that are directly exposed to the Internet
• Disabling files running from within the AppData or LocalAppData folders if at all possible
• Conducting user training in order to educate users to become more cynical, defensive and proactive 

The solution for combatting ransomware is…

There is one go-to-solution for combatting ransomware, one that will always work.  That go-to-solution is called proper backup. If you perform regularly scheduled up-to-date backups your organization will never have to consider making a ransom payment to some unnamed attacker. Bear in mind a backup will be absolutely useless if there is a physical link to it from the infected device.

3-2-1 backup

In order to ensure dependable worry-free backups, you need redundancy which is what the 3-2-1 backup approach is all about.  The topology design of the 3-2-1 backup is as follows:

• Have at least 3 copies of your data - original data supported by two separate backup copies. 
• Utilize two different media formats – e.g. a network share, an SSD drive on some type of storage array. 
• Have one of the copies be offsite – perhaps by utilizing the snapshotting feature of your SAN infrastructure.
• Regular Testing - Any backup plan requires regular testing to ensure that data can be recovered intact. 

The one certainty of ransomware is that it is evolving all the time. In January alone over 37 new ransomware variants appeared including, F Society, CyberHub, Spora, Marlboro, and Dark OverLord to name just a few. With so many different strains circulating, the precautions remain the same. Organizations should maintain backups, use effective email and web security, and crucially treat spam as a serious carrier of malware rather than a nuisance.

If you're an IT Pro with questions about ransomware or other dangerous malware threats please get in touch, we'd be delighted to help. Email us at info@titanhq.com with any questions.