Ransomware

5 Ways to Prevent and Recover From Ransomware

March 10th, 2022

Maybe you’re one of the 77 percent of respondents to a recent ExtraHop survey of security and IT decision-makers (ITDMs) in the US, UK, France, and Germany who feel highly confident in their organization’s IT security readiness. But the same survey found that 64 percent of those ITDMs acknowledge that at least half of their cybersecurity incidents resulted from their own outdated IT security solutions. Even worse, 85 percent of respondents had suffered at least one ransomware attack in the past five years, 74 percent had experienced multiple attacks, and 42 percent paid the ransom.

Those are staggering numbers. And if you’re a security pro or ITDM, they should be a glaring sign that it’s probably time to take a closer look at your disaster recovery strategy and backup system to make sure everything is up to date and able to prevent the loss of mission-critical data.

1. Keep Software Patched to Prevent Known Vulnerabilities

One of the more exasperating reasons ransomware attacks succeed is the failure to keep software patched and updated. The ExtraHop survey noted that 68 percent of ITDMs admit to running SMBv1. First introduced by Microsoft in 1996, this file-sharing protocol lacks modern security protections. Hackers consider this vulnerability to be an open invitation to attack, leading to more than $1 billion in cyberattack damages.

A more recent example is the vulnerability found in Log4j, the Apache logging framework. Web and server application developers commonly use Log4j, so the threat is widespread and extremely dangerous. But that’s just one vulnerability among hundreds. The Cybersecurity & Infrastructure Security Agency (CISA), part of the Department of Homeland Security (DHS), offers a list of 478 known exploited vulnerabilities in its online catalog, and added 95 more to the list just this week.

In a recent blog post, SecurityWeek says 2022 will most likely be a record year for the number of common vulnerabilities and exposures (CVEs) reported, at more than 22,000. As the post points out, many organizations are finally dedicating time to basic cyber hygiene. The point is clear: It’s time to audit all of your software and hardware to confirm everything is patched and up to date.

2. Update and Test Your Disaster Recovery Plan

Forrester’s newly released 2022 State of Disaster Recovery Preparedness study has some good and some bad news. The good news is that more than 80 percent of respondents said they have some kind of disaster recovery (DR) program, and 48 percent update DR plans annually. The bad news is that nearly a quarter of respondents update their DR plans only every two years or less. Now is the time to dust off your DR plan and make sure you’re prepared for evolving ransomware threats.

Of course, your plan will have little value if it doesn’t work properly when you need it. That’s why you need to schedule regular tests of every aspect of your disaster recovery plan, from your backup and recovery capabilities to your physical recovery procedures.

3. Follow the 3-2-1-1 Rule

We frequently bring up this update to the old 3-2-1 rule in our posts because we believe it is crucial for data recovery. Hackers are now targeting backups more often, which prevents you from getting things back up and running from restored, uncompromised data. The new 3-2-1-1 rule eliminates that problem with a layered strategy: keep three copies of your data (one primary, two backups), with two copies stored locally on two formats (network-attached storage (NAS) or local drive), and one copy stored offsite in the cloud or secure storage. The final “1” is what makes all the difference in the world when it comes to backups because it states that one copy should be immutable. Immutable backups can’t be altered or deleted by unauthorized users.
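The rule above can be checked mechanically against a backup inventory. The following is an added example, not Arcserve code: the `Copy` fields, the inventory names, and the choice to require that the immutable copy be a backup rather than the primary are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Copy:
    name: str
    role: str        # "primary" or "backup"
    location: str    # "local" or "offsite"
    media: str       # e.g. "local-drive", "nas", "cloud"
    immutable: bool = False

def check_3211(copies):
    """Return the 3-2-1-1 rules a dataset's copies violate (empty = compliant)."""
    problems = []
    backups = [c for c in copies if c.role == "backup"]
    local = [c for c in copies if c.location == "local"]
    # 3: three copies in total, one primary and two backups
    if len(copies) < 3 or len(backups) < 2:
        problems.append("3: need three copies (one primary, two backups)")
    # 2: two local copies, and they must not share a single format
    if len(local) < 2 or len({c.media for c in local}) < 2:
        problems.append("2: need two local copies on two different formats")
    # 1: one copy offsite (cloud or secure storage)
    if not any(c.location == "offsite" for c in copies):
        problems.append("1 (offsite): need one copy stored offsite")
    # 1: one immutable copy; assumption: it must be a backup, not live data
    if not any(c.immutable for c in backups):
        problems.append("1 (immutable): need one immutable backup copy")
    return problems

# Constructed sample inventories (not real systems).
LEGACY = [  # classic 3-2-1: passes everything except immutability
    Copy("fileserver", "primary", "local", "local-drive"),
    Copy("nas-nightly", "backup", "local", "nas"),
    Copy("cloud-weekly", "backup", "offsite", "cloud"),
]
HARDENED = LEGACY[:2] + [
    Copy("cloud-weekly", "backup", "offsite", "cloud", immutable=True),
]
WEAK = [  # second copy sits on the same kind of disk as the primary
    Copy("fileserver", "primary", "local", "local-drive"),
    Copy("usb-copy", "backup", "local", "local-drive"),
]

if __name__ == "__main__":
    for label, inv in (("legacy", LEGACY), ("hardened", HARDENED), ("weak", WEAK)):
        print(label, check_3211(inv) or "compliant")
```
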
 

4. Put Multi-Layered Backup Data Protection in Place

A proactive, multi-layered approach to data protection that includes immutable backups protects and immunizes your backup data from ransomware and other cyberattacks. Arcserve solutions do just that. Here’s how:

Detect, Prevent, Protect, and Neutralize

Arcserve ransomware recovery solutions integrate Sophos Intercept X Advanced to secure your on-premises, cloud, and SaaS-based backups. By detecting signature-based and signatureless malware using a deep learning neural network, anti-exploit technology, CryptoGuard anti-ransomware, and WipeGuard technologies, you can count on continuous detection and prevention.

Arcserve’s heterogeneous, image-based technology protects your data in transit to and from any target. Combining enterprise-ready features with ease of use makes data protection simpler. And you can easily scale up or down based on demand and turn features on and off without forklift upgrades while threats are neutralized.

5. Consider Disaster Recovery as a Service

A cloud-based backup and disaster recovery as a service (DRaaS) solution should be a leading contender for protecting your on-premises business systems and data. While local backups may make it possible for you to recover IT systems from server failure or other common problems, a sitewide disaster—like ransomware—could destroy those backups. The result is likely to be too much costly downtime.

When you combine Arcserve’s backup and recovery solutions with Arcserve Cloud Services DRaaS, you can count on complete and reliable business continuity. Besides streamlining data backup and recovery management, Arcserve DRaaS lets you get critical systems back up and running quickly and easily.
 

Fight Back Against Ransomware Now

Get expert help in finding the right data recovery and ransomware protection solution for your business by finding an Arcserve technology partner. To see for yourself how Arcserve DRaaS can help you sleep better at night, check out our on-demand demos.