How Australian businesses can use disaster recovery to help defeat ransomware
- 08 August, 2016 04:36
Ransomware attacks are hitting Australian businesses hard. Just this month, thousands of Australians were targeted by a ransomware email scam purporting to be from energy company AGL, sending a fake bill and prompting the recipient to click and download a copy.
According to Trend Micro, Australia has been one of the primary targets for a major exploit kit ransomware infection over the past two months, with more than 224, 000 ransomware attacks in the April/May period.
As data becomes more and more valuable, organisations locked down by ransomware are being forced to pay cyber criminals to return to business as usual. Above all, businesses need to get back to work, and quickly. The dilemma faced is to either pay out and move on, or face a period of uncertainty, interruption data loss and downtime while services are restored.
Many organisations may think they have solutions in place, but as malicious IT attacks become more and more sophisticated, no company is safe. Effectively overcoming ransomware means being able to recover critical applications and data within minutes.
Backup solutions and firewalls alone do not offer this. Businesses need comprehensive business continuity (BC) and disaster recovery (DR) capabilities that deliver consistent and complete recovery processes.
When a disaster like ransomware does strike, it is the first few minutes that are critical. Businesses need to be able to recover within those minutes, not hours, and as completely as possible. Relying on incomplete backups taken 24 hours previously could result in a full day of lost data and take hours to restore, leaving businesses with data loss and downtime they cannot afford; both of which could have been avoided.
For many organisations, IT security is often viewed as simply the prevention of intrusions. A more comprehensive approach, particularly in the fight against ransomware, involves considering IT security strategy as a three legged stool; the detection of attacks, prevention of intrusion, and fast recovery of critical data and applications such as SAP, Oracle, or SQL to ensure uninterrupted business operations.
Advanced DR platforms can help to avoid costly outages by allowing organisations to go back in increments of seconds to the point before a file, application, or folder was corrupted, deleted, infected or held to ransom. This allows organisations to nullify ransomware and resume business as normal within a matter of minutes.
Protecting against cybercriminals with adequate security is of course the first line of defence. Teaming this with advanced DR can allow the business to recover from an outage or security attack by re-winding its virtual machines (VMs) to a point in time where the infection simply didn’t exist. This negates the need to pay any ransom and allows businesses to get back up and running within minutes, avoiding any costly downtime and data loss.
Organisations of all sizes can fall victim to ransomware attacks, but with a comprehensive BC/DR strategy in place businesses will be able to quickly and effortlessly regain control of critical IT infrastructures and applications. Having instant access to data and being able to recover critical files, data and applications renders ransomware attacks ineffective.
Matthew Kates is country manager for Australia and New Zealand at Zerto. Zerto provides disaster recovery and business continuity software for virtualised data centres and cloud environments.