Ransomware attacks are increasingly sophisticated and common. There is a good chance you know someone that has been negatively affected by Ransomware.
All organizations are at risk of attack, large and small. We tend to hear about large companies that have been attacked in the news, but smaller organizations are also at risk.
Here are some articles that provide background info on the threat posed by Ransomware:
What is ransomware, https://www.veeam.com/blog/what-is-ransomware.html
Discusses the 200-300% increase in ransomware attacks in 2021 and prevention / response strategies, https://www.reuters.com/legal/legalindustry/ransomware-state-union-regulations-trendsmitigation-strategies-2021-10-14/
While the threat posed by Ransomware cannot be completely eliminated, there are some relatively simple steps you can take to help mitigate the possibility of a worst case scenario where your data and all your backups are destroyed by an attack. These steps must be taken before an attack, as there is very little anyone can do to help you after an attack has occurred, especially if your backup data has been destroyed.
Performing either or both of the following two steps can greatly reduce the likelihood of a calamitous and permanent data loss for your office:
1. Regularly backup your data to an air gapped storage location. What is an air gapped backup? Please see, a. https://corodata.com/what-is-an-air-gap
2. Backup your data to a cloud based location that supports immutability, such as Amazon AWS, Microsoft Azure, or other similar service. Immutability prevents backup data from being erased for at least 30 days after it was initially recorded.
3. Make sure the ability to restore from the above mentioned backups is tested regularly. Please request a quote for a “test restore” of your backup system if you are interested in this service from us.
4. Do you have a basic understanding of where you store important data, and how your data is backed up and protected? If you would like to request a quote to evaluate and document your backup systems, just let us know. It is very important that you have a basic understanding of your data backup protection systems and status, as you are the one that will be affected by any significant data loss – more so than any outside vendor that helps organize or monitor your data backups.
Preventing a ransomware attack in the first place is always ideal, but the critical “life and death” concern for your data, is that an attacker must never be able to destroy your backup data on under any circumstances. Some ransomware actors are very sophisticated and given the opportunity will destroy any backup data they can locate and access.
Our records show that we do not monitor your data backups, nor have we tested the validity of your backups, so please be sure you are taking care of these critical tasks or ask us for assistance with these matters.
We also have no record of an air gapping or immutability feature enabled for your backups. If you would like us to monitor your backups, or provide other recommendations to help your office avoid and improve your ability to recover from threats such as ransomware please let us know by replying to this email.
Without properly tested backups and other critical data protection measures in place for your office, you are at an increased risk of an attack that could lead to the destruction of data on your servers and your backup data as well.
Backing up your data is an expansive topic, the full scope of which is beyond this letter. Mainly it is critical that you have robust backup processes in place for all locations in which you store data, including: Office365 and or Google platforms, Saas services you may use, user workstations, and any other locations. Any data that is of value to its own is a potential target for Ransomware attack and ensuing loss.
In addition to keeping proper backups of your data, we also strongly recommend that you purchase and maintain cyber insurance coverage for your company. Recovering from a cyber attack can be an expensive and uncertain process. You must have cyber insurance in place before a cyber related loss occurs to have any chance at being covered for the related costs.
At the end of the day, protecting your data is your responsibility. Please contact us to discuss the status of your data backups if you have any questions, we are ready to help!