Ransomware reality check required

StorageCraft has announced the second in a series of findings from an independent global research study of over 700 companies in Australia, France, Germany, North America and the UK on the attitudes of IT decision-makers (ITDM) around data management. The findings reveal a concerning disconnect between an organisation's confidence and its actual ability to recover from a ransomware attack. While 68% of respondents believe they have a clear plan in place and could quickly recover from a ransomware attack, nearly a quarter (23%) do not test their recovery plans. Of those that do test, nearly half (46%) only test their recovery plans once a year or less.

  • 4 years ago Posted in

Further highlighting the difference between the perception and reality of being able to recover from a ransomware attack, the majority (86%) of respondents confirmed they suffered data loss in the past year, with over a quarter (27%) suffering data loss in the last six months. The research also uncovered issues around the budget and complexity of IT infrastructure, which will add to the challenge of ransomware preparedness.

  • Nearly half (46%) of respondents reported that they do not have the budget to manage their data and recover from a failure adequately.
  • Again, nearly half (49%) of respondents reported they have between 3 and 5 different types of systems to manage and protect data. Thirty-three percent have six or more different types of systems.

 

Said Shridar Subramanian, vice president of marketing and product management at StorageCraft: “Even though ransomware continues to be a scourge on business,with a reported[1] 118% increase of incidents in the first quarter of this year aloneour research shows too many organisations are ill-prepared to protect against it. They must take a reality check and assess and test their ability to protect and recover from a ransomware attack.”

 

StorageCraft recommends that organisations assess and test their plans for ransomware prevention, remediation, and recovery. First, businesses should identify and locate their business-critical data and take comprehensive steps to protect it. This step includes email security systems, firewalls, regular software updates, clearly audited administrative and access policies, and ongoing user education. However, prevention is not foolproof, which is why a ransomware-specific plan for remediation and recovery is essential. Thwarting ransomware is dependent on an organisations’ data locality (i.e., on-premises, in the cloud or in cloud-based applications such as G Suite and O365) and preferred recovery location. Critical elements of a successful plan for ransomware remediation and recovery include:

  • Immutable Snapshots: To ensure unstructured data can be recovered, companies should protect their information with continuous immutable snapshots. Data captured this way is ‘frozen’ and cannot be overwritten or deleted by ransomware attackers. This ensures an organisation can revert to a secure set of data.
  • Orchestration: A successful recovery process requires that business-critical data and applications are prioritized. Companies using cloud-based recovery should pre-determine the order in which their data and applications will be recovered. This ‘orchestration’ ensures minimal downtime, once data recovery begins. 
  • Immediate Recovery: Considering one minute of downtime costs $5,600 according to industry analyst firm Gartner[2], the speed of recovery following a ransomware attack is a crucial element of the remediation and recovery process. Solutions such as StorageCraft VirtualBoot provide the ability to recover virtual and physical infrastructures - and both structured and unstructured data - instantly.
  • Failback: After a successful cloud-based recovery, the last step in remediating a ransomware infection is returning the data infrastructure to its original location and resuming operations as usual. The planned failback process should have a minimal impact on production applications to minimise any additional downtime and adverse effect on the business. 
Exos X20 and IronWolf Pro 20TB CMR-based HDDs help organizations maximize the value of data.
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Infinidat has achieved significant milestones in an aggressive expansion of its channel...
Collaboration will safeguard HPC storage systems and customer data with Panasas hardware-based...
Peraton, a leading mission capability integrator and transformative enterprise IT provider, has...
Helping customers plan for software failure, data loss and downtime.
Cloud Computing and Disaster Recovery specialist, virtualDCS has been named as the first UK-based...
SharePlex 10.1.2 enables customers to move data in near real-time to MySQL and PostgreSQL.