In the event of a ransomware attack, backup can limit the damage, which is often enormous and can put any organization in crisis. With copies of your data always up-to-date and immediately restorable, you could get back to work quickly without paying the ransom, which doesn’t give you the certainty of recovering your files and feeds cybercrime instead.
Here you can find out:
Why ransomware is so harmful
The costs of a ransomware attack
Why your business needs a secure and fast-to-restore backup against ransomware
Ransomware backup: best practices to facilitate data recovery
Why ransomware is so harmful
Ransomware is malware that encrypts computer data to force the victim to pay a ransom in hopes of accessing their documents again. It usually manages to infiltrate through a Trojan, a decoy consisting of fraudulent attachments or links sent by email, or deceptive download requests. An infection can be really harmful.
Once inside, ransomware infects all computers connected to the organization network making data and documents unusable. If you fail to decrypt them or recover them from the most recent backups, not only hours of work and customer data are lost, but it may become impossible to resume providing services.
Another big problem is the period of forced inactivity that follows the attack, due to the inability to access data and use infected computers. In the meantime, employees and suppliers will still have to be paid. Sales could fade. Inefficiencies and complaints from customers and damage to the brand are probable.
You will need to hire cybersecurity consultants, eliminate ransomware from devices or replace them, and install protection systems that prevent malware from infiltrating again.
If the affected organization has been foresighted and has a good backup service, it will take some time but it will be possible to restore essential files and resume work. In the absence of backup, however, the only way is to try to decrypt the files.
Then there is the problem of penalties for violating privacy laws. A body or company unable to keep sensitive customer and employee data risks fines that become extremely probable if the data is published on leak sites by the blackmailers, as is increasingly the case.
For these reasons, a good percentage of organizations give in to blackmail, fostering the criminal organizations responsible for ransomware infections and risking becoming their target again. Payers are in fact more likely to be attacked repeatedly (by 75-80%, according to GTIC Monthly Threat Report: August 2021).
The costs of a ransomware attack
A ransomware attack can seriously undermine a company. The costs to bring everything back to normal are much higher than the mere ransom. They’re significant even for those who don\’t pay, especially in the absence of a reliable backup system that allows quick data recovery.
Analyzing the state of ransomware in 2021, Sophos estimated that the average ransom alone was around 3.2 million dollars and 170.000 for medium-sized organizations, while the most often paid amount was 10.000. Today, however, we know of large multinationals that have been asked for tens of millions of dollars in exchange for the decryption keys.
However, during 2020, ransomware remediation cost – including the consequences of forced interruption of work and lost earnings, and any damage to devices and infrastructures – increased up to an average of 1.85 million dollars.
Most companies are able to resume their regular activity after more than a week, between 12 and 21 days. The economic impact of this idle time is directly proportional to the average salary of the country in which the affected organization is located. Those with the highest ransomware remediation cost appear to be Belgium, Singapore, the Netherlands and the United States.
Why against ransomware your business needs a secure and fast-to-restore backup
In fact, paying the ransom does not guarantee the decoding of the data. The decryption keys remain on the servers for only a few days and if you arrive late there is nothing you can do. Furthermore, cybercriminals are not people you can trust: not all organizations that give in to blackmail will have files decrypted.
According to Sophos, only 65% of the data was recovered after the payment. Other sources state that only 8% of victims managed to recover all data and that more than 40% were unable to recover anything. Furthermore, negotiation and decryption take a long time. A secure, anytime restorable backup can save you a lot of money and stress.
To reduce the economic impact of ransomware, it is important to constantly back up data and thus be able to immediately retrieve the latest clean version of files, minimizing downtime.
Backup: best practices to facilitate ransomware recovery
Ransomware attacks can only be avoided by dedicating a lot of attention and resources to cybersecurity. On the other hand, however, malware is constantly evolving and it is necessary to be prepared for the eventuality that it might succeed in infecting the system. These are some best practices to facilitate ransomware recovery:
- Baking up your data as regularly and frequently as possible, to make sure you don\’t lose hours of work if forced to restore. Doing it manually takes time and exposes you to the risk of mistakes. Luckily, today we can rely on cloud backup that is extremely convenient because it’s completely automatable.
- Making sure your cloud backup provider offers infinite versioning – that is, it saves infinite versions of your files. So in the event of an accident, a copy updated only a few minutes before will always be available.
- Choosing a backup system that allows recovery to a chosen date. Thus it will be possible to restore the last unencrypted version saved before the attack.
- Protect all devices used by collaborators, including smartphones and tablets. Today, some apps allow you to back up to the cloud mobile devices as well.
If you don\’t have a business data protection strategy yet, it’s the right time to discover Babylon Cloud solutions:
- secure cloud backup service, 100% GDPR compliant;
- infinite versioning;
- restore to the chosen date;
- available for any type of device commonly used for work: PCs and servers, tablets, smartphones and external memories;
- unlimited devices for each user.
With our technology, disaster recovery is not a problem: any organization or professional can restore all data in a matter of hours.
