Could Your Organization Recover from a Destructive Ransomware Attack?
Destructive ransomware and cyber attacks have become a constant threat in our IT world. Nearly every day we hear of the latest attack that has impacted a business, health care organization, local government, or school system and has caused disruption to operations and costly recovery actions.
A recent survey (1) of business leaders revealed that 68% view their cyber security risks as increasing and 69% of respondents lack confidence that they could recover all business-critical data in the event of a cyber-attack. While most cyber-attacks (71%) are financially motivated, data corruption can stem from different kinds of attack, including those by insiders.
While organizations should continue their efforts in prevention and detection, implementing an effective strategy to respond and recover is just as important. Why? Attackers are attacking systems, data and backups. They are encrypting the backup catalog in addition to the systems and data to render them useless for recovery. Many experts recommend having isolated backups as an effective strategy to recover from these destructive attacks.
Cyber-Attacks Impact the Bottom Line
Estimates of the average cost of a malware attack vary. One study (1) estimates the average cost to be $2.4 million but it also reports that the cost varies by organizational size and vertical. Regardless, the cost can be significant, and the impact can be difficult to accurately assess. You must consider not only the loss of business and direct cost to IT to recover, but the loss of business brand and reputation that can be far reaching.
Paying a ransom to retrieve data might sound like a good idea, but it comes with many different risks and costs. There is no guarantee that you will get your data restored or that the demand won't increase after you make a payment. These attackers are criminals and there is no honor among thieves! Additionally, paying the ransom could be an illegal activity in the US (2) and other countries may well follow suit.
Simply put, a ransomware attack will cost the organization far more than can be seen on the surface. The stability of a company’s revenue and its very existence hinges on the availability of mission critical data and systems to support business continuance and recovery operations.
This Sounds Bad, What Should I Do?
A Cyber Recovery solution gives organizations a proven and modern strategy to improve the maturity of their security posture. Traditional backup services alone are not adequate for recovery from cyber attacks. Many IT analysts and government agencies recommend making backup images or gold copies inaccessible from the network through air-gapped media.
Cyber Recovery – A Key Component of Your Security Posture
The Dell PowerProtect Cyber Recovery solution includes a secure digital vault that is physically and logically isolated from production and backup networks with an operational air gap. Critical data is protected within the vault in an immutable format with retention periods locked. This gives you the best possible chance for recovery if primary backups have been compromised or your DR location has been breached or infected.
Without a Cyber Recovery solution, an organization can spend significant time recovering the last backups without knowing if they are good or compromised. This is a long, labor-intensive, iterative, and costly process. Not exactly what you want when dealing with a business-disrupting event.
Dell’s solution constantly monitors data integrity within the vault. If signs of corruption are detected, it generates an alert that includes the attack vector and a listing of the files affected. This enables you to identify and diagnose potential threats and restore "known good" data, so recovery can occur quickly rather than within weeks or months.
Where Should You Start?
Many organizations delay implementing Cyber Recovery due to excessive analysis of what data to include in the vault. Dell recommends starting IMMEDIATELY with your most critical materials. You can expand what data you are protecting in a vault over time and as budget allows. Below is a chart that outlines some critical materials to consider for getting started.
Protecting your business starts with protecting your data. Dell Data Protection Solutions can help! Learn more at: www.DellTechnologies.com/CyberRecovery
(1) Accenture: 2017 Cost of Cyber Crime Study
(2) US Department of the Treasury’s Office of Foreign Assets Control (OFAC) https://home.treasury.gov/system/files/126/ofac_ransomware_advisory_10012020_1.pdf
Great article Mark, very timely as we are seeing a serious uptick in Socially Engineered Credential Based attacks and Supply Chain attacks. Each of these is difficult because they are usually targeted and have an inside component. The Cyber Recovery Vault as you describe may be the real last line of defense.