In 2023, recovering from a ransomware attack cost on average $1.82 million-not including paying any ransom-and some organizations get hit more than once.
If you're hit, you generally have to choose between paying that ransom or restoring your data yourself.
Nearly every expert advises you not to pay up, for a variety of reasons, most importantly, the cybercriminal may not honor their promise to release your data.
Secondly, criminals can take their sweet time giving victims the encryption keys, meaning you don't get immediate access to your data even after paying.
Recent research from Veeam said backups were targeted in 93% of ransomware attacks, and this was successful in 75% of cases.
When backups are disabled prior to or during a ransomware attack, there's not much you can do besides pay the ransom.
If you are relying on your own ability to recover from a ransomware attack, there are some ways you can better prepared, and issues to watch out for.
The fallout from a ransomware attack on City of Dallas in May this year is still making the news.
It has recently come to light that over 26,000 people were affected by the attack orchestrated by Royal ransomware group.
Information including names, addresses and medical information is among the data exfiltrated by the threat actors.
Data protection approaches vary, and there are many of them.
Your backup is a point-in-time copy of your data that is created and stored in a different location.
Backups are effective for recovering from a ransomware attack because you can restore a copy of your data that was created prior to your systems being infected by malware.
Your only loss will be very recent data that was created or changed since that last good backup.
Redundant systems contain identical copies of all data in all locations.
Many victims of attacks believed they could restore from a redundant copy and found out they were doubly unprotected.
Human error is usually the cause of ransomware attacks.
Human input is still required for most technologies to function properly, including data protection.
Over the past five years, major ransomware attacks have been attributed to human errors such as these, as well as accidental deletions, failing to add a new server or system to the backup application, failing to update or patch systems, and failing to validate that third-party integrations are functioning.
While we can't always prevent a ransomware attack, we can certainly implement the proper defenses, and adjust our behaviors, to ensure a recovery.
This Cyber News was published on www.cybersecurity-insiders.com. Publication date: Thu, 21 Dec 2023 03:13:08 +0000