Ransomware attacks are increasingly sophisticated and common. There is a good chance you know someone that has been negatively affected by Ransomware.
All organizations are at risk of attack, large and small. We tend to hear about large companies that have been attacked in the news, but smaller organizations are also at risk.
Here are some articles that provide background info on the threat posed by Ransomware:
What is ransomware, https://www.veeam.com/blog/what-is-ransomware.html
Discusses the 200-300% increase in ransomware attacks in 2021 and prevention / response strategies, https://www.reuters.com/legal/legalindustry/ransomware-state-union-regulations-trendsmitigation-strategies-2021-10-14/
While the threat posed by Ransomware cannot be completely eliminated, there are some relatively simple steps you can take to help mitigate the possibility of a worst case scenario where your data and all your backups are destroyed by an attack. These steps must be taken before an attack, as there is very little anyone can do to help you after an attack has occurred, especially if your backup data has been destroyed.
Performing either or both of the following two steps can greatly reduce the likelihood of a calamitous and permanent data loss for your office:
1. Regularly backup your data to an air gapped storage location. What is an air gapped backup? Please see, a. https://corodata.com/what-is-an-air-gap
2. Backup your data to a cloud based location that supports immutability, such as Amazon AWS, Microsoft Azure, or other similar service. Immutability prevents backup data from being erased for at least 30 days after it was initially recorded.
3. Make sure the ability to restore from the above mentioned backups is tested regularly. Please request a quote for a “test restore” of your backup system if you are interested in this service from us.
4. Do you have a basic understanding of where you store important data, and how your data is backed up and protected? If you would like to request a quote to evaluate and document your backup systems, just let us know. It is very important that you have a basic understanding of your data backup protection systems and status, as you are the one that will be affected by any significant data loss – more so than any outside vendor that helps organize or monitor your data backups.
Preventing a ransomware attack in the first place is always ideal, but the critical “life and death” concern for your data, is that an attacker must never be able to destroy your backup data on under any circumstances. Some ransomware actors are very sophisticated and given the opportunity will destroy any backup data they can locate and access.
Our records show that we presently monitor your at least some of your data backup processes. I am also pleased to report that we recently enabled “immutability”, for the backups we monitor for your office, to the Amazon “AWS” cloud. With immutability enabled, your risk of losing all your backup data that is stored in this location as a consequence of a ransomware attack is reduced.
From time to time you will see various backup related time charges on your monthly invoices from us. For example, as mentioned above, we recently performed work necessary to enable Immutablity for your cloud stored data backups.
Backing up your data is an expansive topic, the full scope of which is beyond this letter. Mainly it is critical that you have robust backup processes in place for all locations in which you store data, including: Office365 and or Google platforms, Saas services you may use, user workstations, and any other locations. Any data that is of value to its own is a potential target for Ransomware attack and ensuing loss.
In addition to keeping proper backups of your data, we also strongly recommend that you purchase and maintain cyber insurance coverage for your company. Recovering from a cyber attack can be an expensive and uncertain process. You must have cyber insurance in place before a cyber related loss occurs to have any chance at being covered for the related costs.
At the end of the day, protecting your data is your responsibility. Please contact us to discuss the status of your data backups if you have any questions, we are ready to help!
Thank you,
