If you have never lost any of your business data you are the luckiest person on earth. If you have suffered a loss you are keenly aware of the pain that it can cause as well as the cost both in time and in dollars to recreate it. Well that is nothing compared to threat posed by what is known as “ransomware”.
Ransomeware is easy to get. If you visit a web site designed to propagate the virus, you’ve got it. You probably wouldn’t go there intentionally, but the whole science of “social engineering” is exploited by bad guys to trick into doing just that. If you visit a web site that uses advertising banners, you could get infected by a bad add. If you go to a good site, without advertising banners and that site has been compromised, you get it. And just because the last 99 times you’ve visited that site doesn’t mean you are save on the 100th visit, it could have been compromised in between visits.
It is difficult to know if you have gotten ransomeware. It can sit in your computer waiting for the end of the day or end of the week before doing its work. So you leave work Friday and everything seems find only to find out Monday morning that not only not fine but that it is a disaster of epic proportions.
Once ransomware goes to work, it scans your computer for files. Each file it finds it encrypts with an unbreakable encryption key. When its done with your system drive, it methodically goes through all of the other drives on your computer. When it is done with your computer, it methodically goes through every network share you have access to and does the same thing. That can include peer-to-peer shares on other computers in your area or file servers. It can also encrypt any shares you have access to in the “cloud”.
And if that isn’t bad enough, then your backup(s) run. The backup program dutifully makes a perfect copy of all of that unreadable data. And the real kicker is, that if your backup destination did contain a good backup it gets over written with a perfect of copy of unreadable data.
So, Monday morning comes and you find out that your data is gone AND your backup is gone too. Time for a cup of coffee and time to rethink your approach to backup.
There is a solution. Use a backup scheme that includes versioning. What is that? It is the solution to all (well almost all) of your data loss prevention problems. A versioning backup program records not only all of your files, but all of the changes to each of those files. This allows you to “simply” restore from a “version” that existed before the malware tried to wreck you would. “Simply” can still be a day’s worth of work, but at least it is doable.
There a lot of good backup programs that do versioning. If you need help finding one, give us a call.
By the way. Just because you have a good versioning backup program doesn’t mitigate your need to test it, verify it, and monitor it on an ongoing basis. If you can’t or don’t want to do that, give us a call.