Subscribe to the InfoTech eNewsletter

infoTECH Feature

February 02, 2017

Ransomware: How to Prepare for and Recover from Attacks

By Special Guest
Ron Faith, CEO of Datacastle

Ransomware - a malicious program that infects and locks up files on devices until a ransom is paid - is a growing problem across all industries. Experts say the total cost of ransomware attacks could reach $1 billion in 2016, and the danger is expected to increase sharply in the years ahead. A recent Osterman Research survey of more than 500 IT professionals at businesses in North America and Europe found that almost half had been the target of a ransomware attack.

So how can companies prepare for and recover from ransomware attacks? Education and technology are the keys to defending against ransomware. Before developing a strategy to combat ransomware, it’s important to understand the nature of the threat and what makes it unique. Unlike malware, which is usually created by people hoping to prove their prowess in infiltrating systems and hacking applications, ransomware developers are motivated by profit. And since ransomware is socially engineered (i.e., based on deceiving users into downloading the malicious software), it is incredibly difficult to defend against.

Employee education is essential to undermine ransomware makers’ social engineering advantage. Businesses that want to reduce their risks should invest in a training program that helps employees spot social engineering attempts and avoid downloading ransomware. The Osterman Research survey found that companies that offer yearly security training are 75% less likely to fall victim to a ransomware attack than businesses that don’t provide frequent training.

Anti-malware protection is the first line of defense, but the social engineering aspect of ransomware can negate that protection. Business leaders who want to avoid falling victim to ransomware should think of it as a new kind of threat, not just a variety of malware.  It’s also helpful to view ransomware as a threat that requires robust data protection, with the first line of defense — anti-malware protection — bolstered by employee education and bookended with the last line of defense: endpoint device backup.

Backup is a key component. Since ransomware attackers profit from blocking access to the users’ own data, the only way to truly thwart them is to continuously back up data, preferably in the cloud. With data safely backed up in the cloud, ransomware victims can refuse to pay the ransom. Paying the ransom is no guarantee of getting the data back anyway. Not only does a backup strategy solve the target’s immediate problem, data access, it discourages the practice of ransomware overall by making it less profitable.

Ron Faith, CEO

Another must-have weapon in the fight against ransomware is a smart data discovery solution. That’s because ransomware spreads from device to device before users are even aware of the infection. In this way, a ransomware infection is like a flu virus carried by an asymptomatic person who unwittingly infects others.  Ransomware can spread from a smartphone to a laptop to a work station and then infect servers without anyone having a clue — until the trap is sprung.

With smart data discovery capabilities, a company that falls victim to a ransomware attack can find out exactly who has shared files with an infected device and how the ransomware propagated. Smart data discovery is an incredibly valuable tool for companies that are recovering from a ransomware attack. After regaining access to their data via backup, the company’s IT professionals can use smart data discovery to recreate the path of the ransomware infection and target training where it’s needed most.

As long as there’s money to be made in ransomware attacks, cybercriminals will keep creating malicious software and come up with new ways to deceive employees into downloading it. For business leaders, an “all of the above” strategy is the best way to protect data. Those who keep their anti-malware software up to date, continuously back up data, educate employees frequently and use a smart data discovery solution to examine ransomware incidents will be ahead of the curve. In this case, being ahead of the curve keeps your employees productive and saves real money.

Edited by Stefania Viscusi

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers