Essential Guide
Recovering from ransomware: Defend your data with best practices
Not every organization needs to worry about disasters like hurricanes or floods, but ransomware attacks are a threat regardless of region. Recovering from ransomware is no simple task, but help and guidance are out there.
Introduction
The first step in recovering from ransomware is probably along the lines of "don't get attacked by ransomware," but as time goes by, that seems to become less of a possibility. The ransomware threat isn't going away and is actually evolving. Frankly, the best strategy for recovery might be to prepare for the worst.
According to the 2018 Verizon Data Breach Investigations Report, ransomware is the most prevalent form of malware attack, up from its spot at No. 22 in 2014 and No. 5 just last year. This rapid ascent up the ranks shouldn't come as a surprise to anyone keeping up with data protection news, but that doesn't make it any less alarming. Ransomware can be a costly disaster to recover from, even if you don't pay the ransom. In fact, the first rule of ransomware recovery should actually be "don't pay the ransom." There's no honor among data thieves, and payment does not guarantee the release of your data.
So, what is there to do? Plan ahead, for starters. As ransomware evolves, a simple backup plan won't cut it anymore, and you have to keep recovery in mind early on. Whether your data storage of choice is cloud, tape, disk or flash, you need to have a recovery plan catered to ransomware in particular. Unlike natural disasters, ransomware attacks can strike any organization in any region, and the results can be disastrous.
Your priorities when recovering from ransomware will likely differ based on your organization's needs. In many cases, it's not just a matter of getting your data back, but complying with data protection regulations or agreements. Whether your priority is business continuity (BC), compliance or simply getting your data back as quickly and cheaply as possible, this guide should help you gauge the threat ransomware poses for you and understand how prepared you are. Don't forget to stick around until the end, where you can test what you've learned with our ransomware recovery quiz.
1How big is the threat?-
Ransomware in the news
Is the onslaught of ransomware attacks a true crisis or overblown by observers? Unfortunately, headlines lean toward the former. There are methods that can help organizations prepare for and recover from ransomware, but as the technology being used by attackers evolves, the costs are proving to be high.
City of Atlanta reveals costs of recovering from ransomware
Total costs to remediate the 2018 Atlanta ransomware attack have been revealed to be more than $5 million, with expenses continuing to rise as contracts move toward protection. Continue Reading
Ransomware discussion takes stage at VeeamON
Protection and recovery from ransomware continue to be important parts of an overall backup and disaster recovery (DR) strategy. Advice, like ransomware itself, is constantly evolving. Continue Reading
The true cost of ransomware recovery
Estimates of recent ransomware attacks may be overblown. But indications are that companies have lost hundreds of millions from the WannaCry and NotPetya viruses. Continue Reading
Ransomware neutralizing backups as recovery option
Recent ransomware variants have undercut data backups, often used in the ransomware recovery process. Is it possible to overcome these vulnerabilities? Continue Reading
How ransomware changes have revealed new threats
Ransomware variants like WannaCry and NotPetya have introduced destruction-of-service attacks that make recovering from ransomware even more difficult and costly. Here's what you need to know about them. Continue Reading
Ransomware operations becoming more sophisticated
Ransomware attackers are no longer relying on simple phishing emails and are stepping up their game with new tactics. At the (ISC)2 Security Congress, experts discussed these changes and how to keep up. Continue Reading
2What can be done-
Recovery tools and methods
Recovering from ransomware is no easy process, but there are a number of tools on the market that can provide some assistance. It's not enough to simply back up data; a full backup and recovery strategy is vital to dealing with a ransomware threat.
Rubrik offers 'push-button' approach to ransomware recovery
Polaris Radar from Rubrik not only monitors data on premises and in the cloud and generates alerts for suspicious behavior, it automates ransomware recovery by restoring to the most recent clean copy of data. Continue Reading
Asigra converges security, data protection to confront ransomware
With Cloud Backup 14, Asigra converges security and data protection to fight and recover from ransomware that attacks data backups. Continue Reading
Iron Cloud adds 'CPR' to fight ransomware
Iron Mountain data recovery has taken on ransomware with the Iron Cloud Critical Protection and Recovery service that isolates data and features a cleanroom in the event of an attack. Continue Reading
Avoid paying the ransom for Bad Rabbit
Security researchers have learned more about the motivations behind the Bad Rabbit ransomware attacks and a potential way to recover data without paying. Continue Reading
Snapshots can help, but full recovery may require more
With snapshot-based backup, an organization can recover to a point in time just before a ransomware attack. But drawbacks do exist. Continue Reading
3Step by step-
Plans and best practices
A lot goes into the ransomware recovery process, and needs vary by organization. An SMB won't have the same needs or resources as an enterprise, and recovery compliance requirements may differ by industry. Delve into our tips and best practices on recovering from ransomware.
How enterprises can recover from ransomware attacks
Ransomware recovery can pose a challenge for enterprises, as there are several different options depending on the severity of the attack. Here, one expert dives into the nuclear options and the worst-case recovery scenario. Continue Reading
Five steps for successful SMB ransomware recovery
Ransomware recovery for SMBs shares some similarities with an enterprise response, but budgets are tighter and businesses are more susceptible to attack. Continue Reading
Planning tips for ransomware protection and recovery
Effective ransomware disaster recovery starts with BC/DR planning, education and proper security. This checklist provides important steps for enterprises. Continue Reading
Test your recovery plan before ransomware strikes
A ransomware recovery plan can help you ensure that backups are secure, and recovery point objectives and recovery time objectives are up-to-date, before an infection occurs. Continue Reading
4Terms to know-
Boost your ransomware vocabulary
Did some of the technologies or concepts in this guide sound unfamiliar? Interested in learning more about the complex world of ransomware? Check out these ransomware-related terms to get a refresher.
5Pop quiz-
Test your knowledge
You've read the guide and browsed the glossary. Think you know all there is to know about ransomware recovery? Take our quiz to find out.
Take our ransomware quiz now!
Start the conversation
0 comments