Given the eye-catching headlines and high-profile disasters, ransomware’s ability to wreak havoc probably needs no introduction.
Case in point: The government of Jackson County, Georgia, was recently forced to pay $400,000 in cryptocurrency to a criminal gang that had taken over the network and encrypted their environment, making it completely unusable. Numerous stories like this can be found in headlines across the globe, taken from the experiences of hospitals, universities and businesses alike.
In 2017, the FBI’s Internet Crime Complaint Center received 1,783 complaints from U.S. organizations that were infected with ransomware. These attacks cost millions of dollars in losses. Yet these numbers represent only a fraction of the total number of attacks, as the vast majority are never reported to the FBI.
Certainly, ransomware can be devastating, but here’s a secret: It doesn’t have to be.
Disaster Recovery as a Service (DRaaS) allows you to invalidate the threat of ransomware by creating redundancy in your environment. This blog will cover how that works, but first, let’s take some time to understand ransomware.
Ransomware comes in many forms, but two main varieties have emerged: locker-ware and crypto-ware. Locker-ware involves a hacker taking control of a specific computer or network and then changing passwords so that systems cannot be accessed. Crypto-ware uses encryption techniques to mask all data, rendering it unreadable or unusable.
In both types of ransomware attacks, the criminals extort the organization, offering to unlock the system only after receiving payment (usually in the form of cryptocurrency).
In 2017, ransomware program WannaCry made headlines, infecting an estimated 200,000 computers and netting its creators roughly $300 every time someone chose to pay to decrypt their computers. The real cost, however, is far greater when you include lost productivity and the work required to recover systems impacted by WannaCry. Estimates ranged from hundreds of millions of dollars, even into the billions.
The first line of defense against any cyberattack or phishing attempt is proper security training for all employees. Foundational security measures include training employees to validate links before clicking them and verifying the identity and legitimacy of senders. For example, a common trick of hackers involves replacing or switching letters in email addresses to make them appear legitimate (e.g., lnap.com vs. inap.com). Every organization should have strong group policy objects set for their end users, such as enforcing unique passwords, limiting the installation of software and disabling forced system restarts.
One of the best ways to protect your organization from ransomware is to put in place Disaster Recovery as a Service (DRaaS) for your critical applications and infrastructure. DRaaS comes in different flavors, and which option you go with will depend on your recovery needs: i.e., Recovery Point Objectives and Recovery Time Objectives. Read our blog on RPO and RTO to learn about what these mean.
Regardless of how often you need to back up (RPO) or how quickly you need your applications to be online (RTO), DRaaS is a straightforward, effective way to neutralize the threat of ransomware.
Here’s how: DRaaS safeguards your physical and virtual systems by creating a functionally redundant environment that you can switch on in the case of any disaster. This minimizes downtime and its impact on your business, while ensuring that you have a “clean” environment that is safe from any malware—ransomware or otherwise.
If attackers do gain control of your systems, all you have to do is contact your DRaaS service provider to begin the recovery process. As an INAP customer, you can call, email or log in to your portal to immediately let us know what’s happened. We will work with you to verify what systems or files need to be recovered, confirm the recovery point you need, then begin a full recovery to overwrite the compromised environment. This process will usually follow a detailed runbook that is collaboratively designed when the DRaaS solution was first implemented as part of our white glove onboarding.
INAP offers two kinds of Disaster Recovery as a Service: On-Demand DRaaS and Dedicated DRaaS. Both offer redundancy and protection from ransomware—built on our secure, high-performance private cloud. We also offer disaster recovery testing to evaluate your DRaaS solution’s efficacy in a realistic scenario, in addition to a white glove onboarding service.
With a DRaaS solution in place, you can feel confident that your environments are safe from would-be hijackers and, most importantly, costly downtime—whether caused by ransomware, natural disaster, human error or anything else.