Recovery fundamentals in the event of a worldwide ransomware cyber-attack

Danny Allan, VP of Cloud and Alliance Strategy

Published date: May 15, 2017

The event that has been named the “largest hacking in history,” where more than 100,000 ransomware attacks affected 150 countries last Friday, reads very much like a script from a Hollywood blockbuster. However, these events occurred and had very real effects on the victims.

The attacks have been stopped since writing this post, but the experts warn that “copy cats” could be encouraged to try this again.

While the majority of focus has been on the source of the vulnerability and the group responsible for these attacks, organizations need to consider what should be done to ensure that these kinds of attacks cause minimal disruption to their applications and systems if they happen again.

As with all malware and ransomware related attacks, a solid defense plan includes aspects of people, process and technology. While user education and strong patching processes are essential components of the plan, they are not sufficient. It is also clear that simple backups are not enough to ensure true enterprise Availability. A once-nightly backup to tape leaves a great deal of data exposed to loss, and recovery can take hours or even days. Few organizations, especially in health care, can tolerate that kind of downtime.

Companies need to move from traditional backup to Availability, so that they lose no more than 15 minutes’ worth of data, and can get applications up and running again in 15 minutes. Plus, they need to follow the 3-2-1 Rule: 3 copies of data on 2 types of media with 1 copy off site. If they implement true Availability and the 3-2-1 Rule, even if an attack penetrates an organization’s cyber defenses, they might be able to manage and fix the outcome of the attacks, while keeping downtime to a minimum.

In a report commissioned by Veeam, a terrifyingly high number of enterprises — 77% to be exact — cannot meet expectations for uptime due to insufficient protection mechanisms and policies. Plus, companies state that they can only tolerate an average of 72 minutes per year of data loss within “high priority” applications, while they actually experience an average of 127 minutes of data loss. Costs of downtime are ballooning. The cost of this unplanned downtime can cost organizations up to $22 million a year on average. And, the costs aren’t just limited to financial. In the case of the events that occurred last week, it can also mean patients’ private data.

Find out more about ransomware preparedness and recovery fundamentals — download our FREE Conversational Ransomware Defense and Survival e‑book from Veeam and Conversational Geek.

See also

October 10th

3 Essential characteristics of managing planned downtime

October 5th

Veeam and NetApp: A partnership forged by change

September 27th

“Stacks” of Innovation from Veeam and Microsoft

September 25th

Ten years of the iPhone: Where are we today?