Let’s cut to the chase. It’s about both! So why ask the question? Simply because there is ample evidence that every business or organization (let alone individuals) is at the mercy of a crypto-locker attack. There are many variants that can affect one or many systems and network- attached drives. Prevention best practices and tools are the absolute first step. However, what do you do if that Trojan gets through and starts locking up systems, infecting file systems and asking for an unlocking contribution..I mean ransom?
The frequency and volume of these attacks is making this wave of cyber crime a very real concern for many organizations. This is not just another virus attack, it is essentially a criminal enterprise with logical data corruption events that stop the affected systems from being usable. If it is a crucial system to your operation, then this becomes a business continuity concern. Pure and simple.
Remediation is possible without opening your Bitcoin purse by using comprehensive backup and recovery software. Please see my other blog about best practices to protect your backup server. With the Arcserve UDP, you are uniquely positioned to get your systems back in the way they were before the attack, or to selectively bring back the data you need and bypass that boot locking mechanism for example. What about creating a “QA” environment to test the recovery? Keeping an offline copy of all your backups is easily done through UDP’s Jumpstart capability, or by making tape copies of your data store. Recover physical or virtual systems to dissimilar hardware or another VM – it’s piece of cake with our solution.
Ransomware is indeed about recovery, not just security.