Ransomware: How an Offsite Backup Saves the Day


 

Ransomware is on the rise around the world, and warnings from security experts abound. We take a look at how ransomware works and, above all, why it (still) works: why, after many years of technological advancement in the backup & disaster recovery industry, the threat remains very real and causes damage to businesses measurable in dollars. New developments in ransomware techniques and code make data protection planning all the more important for IT professionals, who are well aware that having an offsite backup (or two) can potentially save a business's life.

From simple desktop users to the health industry and educational institutions, it seems every other week we get news of another disaster: the University of Calgary in Canada just paid the hackers the equivalent of 20,000 Canadian dollars in Bitcoin to get back access to its systems and network.

This is just the tip of the iceberg when it comes to ransomware attacks. The University of Calgary demonstrated Canadian-like courtesy by releasing news of the attack and the ransom amount “in an effort to be transparent,” says the Calgary Herald, which first reported the news. Most of these attacks go unreported because of reputational or further security concerns.

According to the Federal Bureau of Investigation (FBI), there were more than 2,400 reported ransomware attacks in 2015 totaling more than $24 million, with ransoms paid during the first quarter of 2016 surpassing $200 million.

 


Ransomware New Developments: How Hackers Keep Getting Better

So how does an organization find itself with its files encrypted by a ransomware attack? Just being aware of security risks when using a shady website or clicking a suspicious link is not enough anymore, as hackers keep evolving their attack methods. The bad guys rely on the fact that users are vulnerable and don’t know their techniques, but also that IT administrators often don’t use an offsite backup for their systems.

1. Ransomware Email Attachments In JavaScript

Antivirus software firm ESET detected a new type of threat at the end of May: email attachments written in JavaScript that, if clicked, download different variants of malware (such as the Locky virus) to users’ computers.

Most malware programs for Windows are written in compiled programming languages like C or C++ and usually carry the extension .exe or .dll. Lo and behold, using an interpreted language such as JavaScript is now part of the hackers’ arsenal.

2. Unpatched Systems Are Exploited

McAfee warned in its June Threat Report that ransomware attacks have risen 24% this quarter. One fact to highlight is that it doesn’t take a rocket scientist to conduct a ransomware attack: “relatively unskilled cybercriminals can use exploit kits to deploy the malware,” the report says.

Patching up and installing updates for operating systems and applications (be it desktop or mobile) is paramount for data protection and ransomware prevention. Software which is no longer supported by its manufacturer is a huge risk, as hackers will exploit any vulnerabilities.

You can read more about how to prevent ransomware and discourage data kidnappers here.

Why You Need A Windows Offsite Backup File

Cyberattacks can happen even if you haven’t clicked that weird link from the Nigerian prince in your spam folder, and even if you have the Windows File History backup system turned on. This is why keeping an offsite Windows backup file using server or desktop backup software is crucial for business continuity.

How do the bad guys get hold of your systems?

• Ransomware viruses can infect legitimate websites and download themselves onto users’ computers (in March, a Trend Micro report showed how big sites such as msn.com, nytimes.com, aol.com, realtor.com or newsweek.com were victims of attacks that attempted to download cryptolocker ransomware and malware onto users’ computers);

• Some ransomware types will also encrypt or delete the backup versions of your Windows files, warns Microsoft in its guide on ransomware (so having a Windows Backup is simply not enough).

To add insult to injury, implementing strict IT policies for data security often doesn’t work as well for large organizations, which constantly have to deal with new employees coming in (lack of training) or existing employees who are not particularly tech-savvy. Working out IT policies and getting everyone to respect them is a daunting task. A shortage of staff with IT expertise is sometimes a challenge, especially in the public sector, and not all IT specialists understand the value of an offsite backup.

 

If you would like more information about StorageCraft and their backup & disaster recovery offerings, check out their website: www.storagecraft.com