Get Data Recovery Skills or Be “Taken” by Ransomware

By Chris Gondek, Principal Architect, Commvault

Imagine if your data was “taken” but instead of panicking, you instantly became Liam Neeson from the movie “Taken”. The coolest, toughest character ever imagined, who dealt with his own ransom situation – without paying.

Chris Gondek, Principal Architect, Commvault
WannaCry; a ransomware campaign with unprecedented scale, hit around 200,000 systems across 150 countries. Asia is no exception, with reports of several businesses affected by the attack.

Ransomware, and other malicious software, is estimated to cost the Australian economy about $1 billion a year. In Britain, WannaCry has crippled the health system – with stroke victims unable to undergo urgent surgery because their scans could not be accessed – and affected other businesses around the world.

When Ransomware Hits: Three Options for Data Recovery

“Ransomware” is increasingly becoming the number one cause of data loss for businesses. Software security has become more resilient to cyber-attacks, but what happens (and it does happen a lot) when the security systems fail and are bypassed by a simple phishing attack, or a patch not applied?

When ransomware hits your business, you have three choices:
  1. Give up, cut your losses and start again? For most businesses, this is not really an option as you can’t just write off potentially business critical data that is held in the attack. At the same time, you need to bring systems back to a working condition and often data is key to this
  2. Pay the ransom!? Who knows, you might get your data back, and once you have paid, they know who to target again – repeatedly until the software evolves to become “extortion ware”
  3. Channel your inner Liam Neeson, and tell the ransom-holders that you have a particular set of skills… skills you have acquired over a very long career… skills that make you a nightmare for data extortionists

Be Cool: Use Your Data Recovery Skills

Those skills, are data recovery skills. The only way businesses can ignore any Ransomware is to immediately recover from data backup, and I do make emphasis on immediately.

Cyber-attacks are becoming increasingly more sophisticated and while an attack cannot always be avoided, there are steps you can put in place to mitigate the effects of attacks. You can have processes in place to minimise customer impact and the organisation’s own brand and reputation.

For example, achievable Recovery Time Objectives (RTO). RTO refers to the time it takes a business to restore data once disaster has struck, including bringing your systems back to normal. It may seem straight forward on the surface but to be able to perform quick data recovery, you need to have a powerful data protection solution and an understood and agreed service level in place.

Data Recovery Needs Speed and Automation

To recover from a ransomware attack, you need to have deployed – and managed – data backup. Being able to backup databases, files, applications, endpoints and VMs according to data type and recovery profile is critical to a speedy recovery. In addition, organisations who employ good data management will know where the data lives – across public or private cloud(s), on-premises or co-lo sites – and will have specific data backups and processes in place to protect it. As a result, when an emergency hits, data recovery is fast and automated.

Today, businesses seem to be focused on their security rather than recoverability. Whilst security is critical to every organisation across the globe, we cannot forget that an attacker only has to get lucky once. With data being the heartbeat of businesses today, being able to prevent loss and recover, should be mission critical.

The only true way to be completely confident in the face of this new threat, is the Liam Neeson way, have those data recovery skills. When you know data management – and adhere to good data practices – you make yourself a nightmare to the ransomware creators, affectively rendering themselves useless.