To recover from ransomware, be careful with data protection products
Anyone who follows data protection vendors and analysts on Twitter can't go a day without seeing several items about ransomware attacks and recovery.
Ransomware has reached an epidemic level, with attackers demanding a ransom -- ranging from hundreds to thousands of dollars -- to unlock encrypted data. Statistics are quite varied, but the FBI estimated that ransomware would become a billion-dollar industry in 2016. As many experts advise against payment, users are exploring other ways to recover from ransomware and increase their protection.
Lots of vendors push products they claim will help users recover from ransomware attacks, but you have to be careful. As data protection analyst Jason Buffington told SearchDisasterRecovery in January, simply stating a product can help an organization recover from ransomware "is no different from saying you can recover from a forest fire or a server failure." A ransomware attack is a lot different from a server failure, so having the right features is imperative.
One way to improve your data protection is to use a product that has malware detection. Like Don Corleone in The Godfather, you should insist on hearing bad news immediately. The earlier ransomware is detected, the better. Hopefully you're backing up content frequently, and to different locations, so you can restore to a point in time just before the infection.
While some capabilities have been built into data protection products to specifically help organizations recover from ransomware attacks, it's surprising there aren't more, especially considering all the talk about the issue. Hopefully, more vendors will offer products tailored to ransomware protection and recovery, since the problem isn't going away soon.