Ransomware + Data Backup Strategies
Latest Ransomware Attack
As you might be aware, there was a highly publicized ransomware attack that occurred over the holiday weekend. This particular attack targeted Managed Service Providers (MSPs) that used an on-premise version of Kaseya’s VSA software, which is used to remotely manage workstations and servers. https://www.zdnet.com/article/kaseya-ransomware-attack-1500-companies-affected-company-confirms/environment
We don’t have any reason to believe that our clients were impacted by this event as we do not use any Kaseya products. We have been monitoring communications from our remote management vendor who has shared that they have measures in place to protect against these sorts of breaches. IT professionals (whether part of a large internal team or MSPs, like us) rely on this technology as part of what we do and providing services would be nearly impossible in its absence. The rewards of having properly-patched and maintained machines typically outweighs the risks of events such as these. That said, it is a single point of failure.
Data Backups: Why You Should + Strategies
If you are unfamiliar, ransomware is a piece of malware that takes files on a device and encrypts them so they are no longer accessible. Then a message comes asking for a ransom to release your files. These attacks can come through a program already installed on a device, such as the recent attack referenced above, but they are typically encountered when a file containing malware is mistakenly downloaded (e.g. from an email or a pop-up encountered when browsing the internet). Ransomware can act instantaneously or, in some cases, can “hang out” as a file on your device for a set amount of time before encrypting your files. Our post “Combating Ransomware” has more information and outlines four steps every small business should take, one of which is reliable data backups.
Having a good backup of your data means that you will not be stuck paying a ransom because you will have an unencrypted copy of your files. If your office has a server, backing up to a rotating set of USB hard drives that are taken offline once a week is the easiest approach. Having this data offline provides the ability to restore servers from anywhere between 1-5 business days from when a disaster occurs (in the event the most recent backup was compromised). For offices that utilize cloud offerings (Egnyte, Sharepoint, etc), file versioning is the easiest option for recovery. While these are good first steps, we are proponents of having multiple backup mediums in place (local to removable, local to cloud, cloud to local, etc) if possible.
If you have any questions or would like to learn more about what options are available to improve backups for your organization, please reach out. Don’t wait until it is too late!