I know you have been hearing a lot about ransomware attacks lately. It’s talked about almost everyday in the news. Within the last month we’ve heard about T-Mobile, Accenture, Coglin Electrical and the Steamship Authority of Massachusetts ferry service.
Unfortunately, most business owners believe they won’t be hit by a hacker because their business is too small to capture the eye of these cybercriminals.
This is simply not the case, hackers create bots that scour networks to exploit all networks, regardless of the size of the company. The bot does not have a criteria of who it hits. The bot has one job, to find vulnerabilities in a network and exploit them.
In plain english, the bot breaks into networks and steals credit card numbers, birth dates, financial data, vendor information and company data regardless of the size of the business.
You can watch the video, “Most Cyberattacks Are Kept Quiet” here for more information on small companies that get hit by ransomware.
As an IT expert, keeping you safe and protected is personal to me. I do not want the hackers to win. So I want to educate you on cybersecurity and why it is important that you have a cybersecurity plan in place.
The cybersecurity plan, referred to as Business Continuity and Disaster Recovery (BCDR) plan, helps you recover in the event of a cyberattack. The BCDR plan includes a strategy for backing up data.
But instead of creating a BCDR plan, business owners usually start with backing up their files.
Common Issues with Data Backups
Most business owners feel like their first line of defense against hackers is to back up their data, so they start there. Unfortunately, while backing up data seems like a straightforward process, a lot can go wrong.
Backing Up Infected Data
Many times, unbeknownst to the business owner, the data on the networks and computers being backed up contain viruses, worms and/or ransomware. So not only are the network and computers corrupted, the backup is as well, which means: the backup isn’t usable.
Is The Backup Actually Complete?
Have you ever tested your backup after backing it up? Most business owners don’t until they run into a network or computer problem, or are hit with ransomware and go for the backup. Only to find:
- The backup wasn’t tested and has no files on it
- The backup did not backup the data you thought
- The last time your network was backed up was months or years ago even though you received messages that the backup was successful each day
- The backup got corrupted and there is no data on it
- The backup file size is so large it will take days to restore
- There is so much data on the backup it will take days for you to find the data you need
The list of backup errors goes on, even though it seems like backing up your files is an easy task, a lot can go wrong.
Encrypted Data, but No Key
Another issue that pops up all the time involves data encryption. Data encryption is a tactic to protect your data that you really must use. The problem is, in order to access your data, you need to use a decryption key.
Because your data is encrypted, hackers can’t access it. But they can still double encrypt it and hold it ransom.
The problem is … there is only one key. You can make copies of that key, but if the decryption key is stored on a local drive that is hit with Ransomware, it is encrypted as well.
So you essentially have no backup because you can’t use the data you have. You can’t decrypt your backup because it was encrypted by you – and the decryption key is inside the data encrypted by the hackers and being ransomed back to you.
How Long Is This Backup Restore Going to Take?
If you are attacked with Ransomware or you need to restore your backup for any reason, do you know how long it could take to restore it? Even if your data is secured and backed up off-site, restoring across the Internet could be a long process that takes months. The hackers do not give you months to pay the ransom, they give you hours. Your backup restore must be easily accessible and quickly usable.
Otherwise your business suffers. All of the data that you use to do business is backed up, but it’s not accessible to you until it is restored.
Ensuring Your Data Backups Work
The most crucial element in ensuring you are able to recover quickly from data loss or a cyberattack is with a BCDR plan. Your BCDR plan should include instructions on where your backups are housed, how often they are tested and what data is being backed up. That way you won’t be left trying to rebuild data you thought was backed up.
And if you were really serious about protecting your data and business, you would use a sophisticated backup and recovery tool that uses multiple backups across different servers that could be spun up and in place within an hour. So that while the restore is taking place, you can still do business.
Preventing Ransomware In The First Place
There are many ways you can protect yourself from a cyberattack. It is our number one goal here at Attain Technology to provide you with the tools you need to stay safe and protected. Below is a list of resources I’ve put together that will provide additional information on what you can do to protect yourself.
Technology Audit and Cybersecurity Assessment
The best time to ensure you are safe, protected and backed up is now. Don’t wait until you are hit with Ransomware to find out if your backups work.
Start building a strong cybersecurity plan today with Attain Technology.