Ransomware is not a new problem. The first known piece of ransomware, named PC Cyborg, was spread to AIDS researchers by a fellow biologist. Victims in the early ‘10s would receive packages claiming to be from law enforcement, warning them about fines they needed to pay to avoid prosecution for various activities. Android users found themselves hit with a text prompt from so-called family friends about a sex simulator game stealing their photo.
Consumers and private businesses aren’t the only ones who need to worry. Local, state, and federal agencies have also fallen victim to ransomware attacks. The Georgia Department of Public Safety had laptops and police vehicles attacked by ransomware in July 2019. That came a week after the Johannesburg, South Africa city power company had ransomware take down payment systems and initiate power outages.
Many of these attacks could be mitigated or entirely prevented by a straightforward solution: proper data storage.
How data storage prevents ransomware
We’ve seen storage systems configured so poorly as to practically invite anyone to come in and take what they want. Often, inexperienced IT personnel don’t have the guidance needed to follow best practices when it comes to safeguarding data.
These employees are often tasked with doing a lot with very little. Companies must make sure that they give their IT staff the proper tools and equipment needed for end-to-end data protection. Any short-term costs can easily be earned back through the time and effort saved by adhering to the following protocols when it comes to storage.
Before we talk about how to protect your storage solutions, let’s review some additional ways you can stop ransomware from getting into your company networks and wreaking havoc:
- Employ spam phishing filters to keep phishing links out of staff emails and attachments.
- Make sure you have content filter layers in place to keep unauthorized users and automated sessions from becoming download hubs for hackers.
- Have sound anti-virus and anti-malware software installed on endpoint devices.
- Perform regular updates and patches on exposed devices.
Perform daily storage backups
Is any backup process foolproof when it comes to ransomware? No. But backups can offer you the best chance of data recovery if your organization ends up under attack. Make sure you have a way of reverting any information to an unencrypted state. What good is backing up your information if you cannot access it when needed?
You should be creating multiple versions of critical files. Take note of how many file versions your current backup solutions can retain. You never know how far back you may have to go to get to an uncorrupted version of your data.
A user-triggered ransomware infection can start working on encrypting files on that desktop, then move on to mapped drives. That can take time, and users may not realize something has happened until weeks down the line, making hourly or daily backup retention policies ineffective.
Do not forget the 3-2-1 backup plan for your storage:
- Make sure you have three copies of data
- Store it in two different media formats
- Make sure one of those copies remains offsite
Effective staff training
Regular enforcement of security awareness goes a long way towards keeping staff alert to potential phishing attacks through social engineering.
The training should emphasize the importance of not clicking on suspicious links and understanding when emails are legitimate or bogus. Practical examples work much better than high-level abstracts that go over an employee’s head.
Non-technical users may not understand the ins and outs of how filters work or details on network security. They can understand how to look for misspelled email addresses and how to recognize spoofs of regularly visited websites.
Reinforce the training through blind tests that make them aware of how even the highest-level executive can fall victim to ransomware attempts.
Refining cyber response plans
Where can you find your organization’s business continuity plan? Do you have a plan in place to handle a ransomware attack?
Any organization conducting business over the internet should have a cyber response plan. Being preemptive about protecting your backups and other storage against ransomware attacks can keep you online when an incident occurs.
Your cyber policies should cover issues like replicating virtual machines and rotating hard drives when they are not in use. For those willing to go old-school, tape backup is invulnerable to ransomware attacks.
Redapt can help you create a data storage platform with proper storage protocols. Learn more about what it takes to build a modern data storage solution by downloading our latest white paper: A Strategic Approach to Data Storage.