In the past few months, we’ve seen a pronounced uptick in cyber attacks of all stripes. However, the most directly destructive are ransomware attacks. For the blessedly uninitiated, a ransomware attack is when a piece of malware finds its way onto your computer and sets about encrypting all of your files. Once it has done so, it will generally post a message for you explaining what has happened, and telling you to pay a ransom in exchange for the password to recover your data.
Now the strongest defense against Ransomware is comprehensive backups, inaccessible from the infected system. Most ransomware systems will aggressively go after any backups they find, knowing that if they can destroy the backups of the data they’re encrypting it will be much harder for the victim to justify writing off the data.
Like any other extortion racket, the FBI does not support paying these ransoms. The risk of infection can be reduced with user awareness training and aggressive permissions restrictions, but even the most diligent administrators and users have a risk of being infected by a zero-day attack that has no patch or mitigation method.
There are a number of vendors that provide backup services, but they are not all equal. A proper backup must be isolated. Only in this way it can’t be corrupted if the system being backed up is infected. This isolation is the critical element. If you’re not sure what system you have or if you’re vulnerable, give us a call. We can work with you to determine what your risk level is, and how you can bring it down.