With the threat of ransomware continuing to grow, the FBI has released guidance on how to protect your organisation from this costly criminal activity. Their top piece of advice? Backup your data offline, on a storage medium such as tape media.
In 2019, it has become almost impossible to ignore the onslaught of news about ransomware attacks, with some large organisations already falling victim.
Organisations such as Boeing, FedEx, Honda, NHS Scotland, Renault and Telefonica - as well as many US State Governments - have all been affected by ransomware attacks since May 2017.
Ransomware is the name given to a type of malware attack, in which a victim’s computer is locked by encryption, making all systems and files inaccessible. In order to restore access to the computer and decrypt the files, the criminals behind ransomware attacks demand payment from victims, in the form of a ransom.
Some ransomware attacks, such as WannaCry, also threatens victims with a countdown timer which raises the cost of the random if they do not act, and with the prospect of all computer files being deleted after 7 days.
Ransomware malware spreads from computer to computer and from victim to victim in a number of ways, but most commonly through email attachments. Computers can also be infected with ransomware through infected software, infected external storage devices and compromised websites, as well as through remote desktop protocols.
Attackers are typically indiscriminate in the organisations they target with ransomware, as the more computers they can lock down with their malware, the greater their chances of making money by way of digital ransom payments. This is just one of the many reasons why the spread of ransomware has become so prevalent recently.
In May 2017, the WannaCry malware infected more than 250,000 systems globally. Since then, similar threats have continued to infect computers, hold data hostage and demand payment from many thousands of organisations and individuals.
So what can be done to protect your organisation against ransomware?
In a Public Service Announcement related by the FBI in October 2019, the Bureau outlined a number of steps that the public and organisations should take to protect against ransomware.
The advice included:
- Regularly back up data and verify its integrity. Ensure backups are not connected to the computers and networks they are backing up. For example, physically store them offline. Backups are critical in ransomware; if you are infected, backups may be the best way to recover your critical data.
- Focus on awareness and training. Since end-users are targeted, employees should be made aware of the threat of ransomware and how it is delivered and trained on information security principles and techniques.
- Patch the operating system, software, and firmware on devices. All endpoints should be patched as vulnerabilities are discovered. This can be made easier through a centralized patch management system.
- Ensure anti-virus and anti-malware solutions are set to automatically update and that regular scans are conducted.
The FBI’s full guidance can be read here
If you’re an IT professional, it’ll come as no surprise to you that the FBI’s number one piece of advice for protecting against ransomware is to regularly back up data offline.
With malware able to not only infect computers but also online backup devices, such as services and hard drives, only offline backups are truly protected against the threat of ransomware.
When the FBI says to “physically store [backups] offline”, it can be assumed that they’re pointing organisations in the direction of backup tape media.
Tape media is one of the only true forms of offline backup storage. With no moving parts, tape is far less likely to corrupt when compared with digital backup methods, and can comfortably backup and archive data for many years.
In addition, tape media is by far the most cost-effective form of offline data storage.
This makes backup tapes the perfect antidote to the threat of ransomware attacks.
With data backed up offline regularly, the damage of a ransomware attack can be limited. That being, the criminals with control of your computer will have no leverage over your organisation or its data, meaning that you’re free to wipe your devices and start again, safe in the knowledge that your tape backups store all of the data you need.
The threat of ransomware is only set to get bigger, and the costs associated with falling victim to this high-stakes crime aren’t set to subside anytime soon. With that in mind, now is the time for organisations to take seriously the threat and put in place the steps recommended by bodies such as the FBI.
Want to learn more about tape media offline backup and how it can help your organisation protect against falling victim to ransomware attacks?
Insurgo Media Services are the tape media experts – phone us today to discuss how we can help you beat the Ransomware Epidemic – +44 (0)1495 372 000.