Ransomware - End of the World - or a Non-Issue? — An Interactive Discussion From Steadfast

On July 13, Steadfast’s will host Ransomware - End of the World - or a Non-Issue?, an interactive discussion in which Ed Dryer, Senior Technology Strategist at Steadfast, will join a panel of industry experts to consider the legal, technological, and economic impact of ransomware on SMEs and how that risk can be minimized with secure off-site backups.

Ransomware has been top of the news for the last few months. Businesses and governments all over the world have been disrupted, millions of dollars have been paid to criminals, millions more have been lost to downtime and operational chaos.

But it doesn’t have to be that way. Combating ransomware isn’t rocket science: all you need is a recent secure backup.

In May, the WannaCry ransomware wreaked havoc across much of Europe and the US. In the UK, vital services, including hospitals, were unable to function because data was unavailable. As I write this article, the Petya (or NotPetya) ransomware is busy infecting machines across the world. Governments, shipping firms, and — most worryingly — the Chernobyl nuclear reactor have been affected, as have thousands of other businesses and ordinary people.

Ransomware is a threat to businesses of all sizes, and particularly to small and medium businesses. It’s estimated that in 2017, ransomware will be a billion-dollar money-spinner for criminals. Because it’s proven to be so lucrative, we can expect to see the attacks increase in sophistication and volume.

What can businesses do to protect themselves and their infrastructure? Before ransomware can encrypt data, it must compromise the machines on which that data is stored. Typically, that’s done via a software vulnerability, almost always a vulnerability associated with out-of-date software. The first line of defense against ransomware is regular updates.

If ransomware does manage to make its way onto a machine to encrypt vital data, businesses have a few options. Firstly, they can acquire some bitcoins and pay the ransom. In many cases, although not all, the ransomware operators will produce the keys needed to decrypt the data.

Clearly, paying the ransom isn’t desirable, but if your business loses critical customer or internal data because of a ransomware attack, the consequences can pose an existential risk to the business and its continuing success.

But with a little advanced preparation, paying the ransom can be avoided altogether, even if a business’s data is encrypted. Ransomware only works if the attacker can deprive the victim of data they value. The solution is obvious: make sure that the data exists in more than one location. If a business has secure, up-to-date, off-site backups, the threat from ransomware attacks is minimal. The encrypted data can simply be restored from the secure backup.

Backups reduce the disruption caused by a ransomware attack to a minimum and remove the need for businesses to ever pay a ransom. With a cloud-based backup and disaster recovery plan, ransomware is transformed from a threat to the health of a business to an annoyance.

If you’d like to learn more about how secure cloud backups can protect your business from the scourge of ransomware, be sure to attend our interactive discussion Ransomware - End of the World - or a Non-Issue?, which takes place on Thursday, July 13 between 3PM and 5PM at ITA (Illinois Technology Association) TechNexus Office in Chicago.