As ransomware continues to evolve into the number 1 threat for most organisations, it is putting everyone at risk. But businesses are failing to keep up to date with developments in order to stay protected and defend against new and changing threats.

We take a look at what you should be doing right now.

How is ransomware evolving?

Ransomware is malicious software (malware) that’s designed to encrypt files within a device to render the files, systems and network unusable. A ransom is demanded in exchange for a decryption code. It’s low cost, high profit operation, and so has become a favourite tactic for criminals, although paying the ransom remains an ill-advised solution and rarely results in a full recovery of stolen data.

According to the Verizon Business 2022 Data Breach Investigations Report (2022 DBIR), ransomware breaches increased by 13% – which is more than the total for the previous five years. The human element continues to drive breaches, whether through use of stolen credentials, phishing or simple errors, evident in 82% of cyber breaches. Also on the increase, heightened geopolitical tensions are driving higher sophistication, visibility, and awareness around nation-state affiliated cyberattacks.

With threats increasing, there’s never been a better time to get the basics right – assess your exposure, mitigate risk, and take appropriate action.

The latest ransomware developments

This year’s edition of the Annual State of Ransomware 2022 by Sophos reports that 66% of organisations have been hit by ransomware in 2021, which was an astonishing 78% increase over the previous year. A very high 86% of businesses affirmed that a ransomware attack had lost them business or revenue, and 90% said an attack impacted their ability to operate.

Sophos reported that payouts have increased to an average of $812,360, and 46% of victims paid out some sort of ransom – even though this isn’t necessarily the best response. And with average recovery costs running at $1.4M, the effects on your organisation can be devastating.

While in the aftermath of an attack there is intense pressure to get back to operating levels as quickly as possible, with the right considered approach to regular and accurate backups it might still be possible to move to a full recovery without conceding to ransomware demands.

What can you do to prevent your data being corrupted?

Corrupted data is one of the most common causes of data loss, which has the ability to impact business continuity and damage your bottom line, even without external threats.

With awareness, forward planning, and prioritisation, it is possible to defend against most instances of corrupted data, by taking these steps:

  • Analyze your security to find the security gaps and set up active monitoring of data. Strengthen your protocols, regularly change all passwords, and take the opportunity to educate your staff in future prevention.
  • Ensure you have an active air gap between primary and secondary data. With this in place your primary may become corrupt, but attackers will be unable to corrupt your secondary/backup data.

How can you ensure you can recover in the event of an attack?

Planning for recovery means that you’ll be ready to act if you are under threat. Here are the top three things you should do:

  • Set up a cyber incident response plan: a good plan will clearly assign team and individual responsibilities and contain all the necessary steps your organization should take to recover as painlessly as possible.
  • Use safe backups to resume operations and recover or rebuild lost data: restoring clean data onto a clean network is critical to ensuring the threat is completely removed.
  • Test your backups regularly to ensure you are able to recover critical systems.
  • Provide the ability to recover systems into an isolated environment so analysis can be performed on systems that’s have been or you suspect have become corrupt.

Try Cristie NBMR with your Dell EMC Networker installation

Having a high-quality backup system means you can quickly regain access to breached or lost data and get systems speedily up and running again.

Cristie provide recovery solutions that integrate with Dell Networker and Cyber recovery offerings, including recovering systems backed up within the Dell cyber vault.

Cristie solutions provide fully automated recovery testing into an isolated environment where enhanced tests or corrective actions can be performed away from the production environment.

Part of our BMR software suite, Cristie NBMR software protects your critical servers by recovering them directly from your Dell EMC Networker backups.

As part of your readiness planning against future attacks, you can try out the software for yourself.

We have three great options for you:

Enjoy trying out NBMR , and be reassured that you’ll be ready to prevent and quickly recover from ransomware attacks with a comprehensive and secure backup system.