Ransomware attacks can result in stalled operations, high recovery costs, and sensitive data exposure. The recent surge in ransomware attacks does not seem to be slowing and hackers have only improved upon their techniques over time, such as targeting backup files and software. This article seeks to increase awareness of a data backup tape rotation scheme approach for your IT and security teams to implement to help prevent your organization from being forced to pay a ransom.
Beyond ransomware targeting state and local governments and academic institutions, we have seen more sophisticated attacks targeting small and larger corporations and demanding higher payments. For example, this week cyber criminals extorted the University of California for its research data on a Covid-19 cure, forcing them to pay $1.14 million to get their data back.
In the past, IT teams relied on offline backup tapes. When hard drives became more budget friendly, teams started replicating their data to external hard drives for storage either at the same location or a remote location.
Reverting back to a full, offsite backup approach is an effective way to prevent your organization from being forced to pay a ransom in order to get its accesses and sensitive data restored. Then, if you are hacked it is up to your organization to contact the proper authorities for assistance or tell the hackers to go pound sand.
Ransomware Costs More Than the Initial Extortion
If hackers encrypt your data, you should NEVER pay. There is a good chance that they installed a backdoor in your system so they could come back in later and demand another payment or they have no intention of giving you access to your data even if you do pay up the first time.
An IBM study revealed that a quarter of business executives would be willing to pay between $20,000 and $50,000 to regain access to encrypted data. Ransomware downtime and recovery costs organizations more than $64,000 on average. However, this does not account for the exposure of data that hackers may leak on the dark web if they don’t receive the ransom payment.
Implement a Dual Hard Disk and Cloud Backup Scheme
All types of connected data storage are vulnerable to a ransomware attack and there are several approaches to pick from to manage this risk. One effective mitigation is to incorporate a rotating, offline data backup tape rotation scheme.
Multiple tapes can hold several GB and TB of data. There are several data backup tape rotation schemes to minimize your organization’s exposure to data loss, depending on what fits your organization’s needs, risk tolerance, and data history requirements, including:
- Daily with permanent storage (increases overall costs)
- Daily differential with weekend full backup
- Daily incremental with weekend full backup
- Round Robin with archiving
- Grandfather Father Son
- Tower of Hanoi
You can combine these schemes with cloud storage backup that allows for real time or as needed replication to meet your business needs. However, the physical tape is your safeguard from ransomware attacks to the cloud storage.
What To Do If You Are Attacked
If you are attacked and can recover, before you go live again be sure to patch your systems, update your anti-malware, conduct a security review or assessment to help identify any vulnerabilities, and provide your users with anti-phishing training.
Sometimes the old ways are still the best ways. Consider using tape backups or hard disk in a tape backup scheme.
Contact GPSG at cyberteam@gpsg.co for a free consultation on preventing cyber attacks and managing digital risk.
Disclaimer: This website provides ever changing content, conversations, and insights on cyber threats and trending solutions that is accurate to the best of our knowledge. Although we are cybersecurity experts, we provide information which we hope is helpful, and do not endorse any specific products, tools, or solutions referenced herein. Consult with your cybersecurity team before taking any action.