Ransomware is a disaster that costs businesses nearly two million dollars (US) per incident.
At Veeam® we believe secure backup is your last line of defense against ransomware. Our software is secure by design because having a reliable backup can be the difference between downtime, data loss and paying a costly ransom.
Multiple layers of immutable storage in the cloud and on premises for end-to-end protection.
SureBackup automatically tests your backups to confirm the data is malware-free and can be recovered.
Is a guiding principle to create resilient data security programs that defeat ransomware.
We give you the tools to make recovery the faster and more cost-effective option to paying a ransom.
Veeam pioneered Secure Restore to verify your data is malware free and ready to recover.
Easily create and document DR plans, with automated testing and visibility into your DR readiness.
Your Single Backup and Data Management Platform
Be confident your data is protected and always available across on- premises, edge and cloud.
The integrated solution for enterprise scale backup, recovery and monitoring to meet both your protection and analytics needs.
Automate disaster recovery processes with the powerful capabilities of Veeam Backup & Replication.
Analysis of paying ransom vs. rapid recovery and future outlook on data protection
Ransomware Protection Demo Series
6 short demo videos on the newest backup and recovery capabilities
5 Ransomware Protection Best Practices
Assess cybersecurity risks and master the evolution of ransomware attacks.
Ransomware Prevention Kit
How to prevent, detect and recover from ransomware.
Veeam backup products are known for being simple, flexible and reliable — attributes that are key to your resiliency efforts. When it comes to a ransomware incident, resiliency is completely predicated on how you implement your Veeam backup infrastructure solution, the behavior of the threat and the course you take in remediating the threat.
To find implementation recommendations for ransomware resiliency, explore the following guidance:
At Veeam, our approach to remediating ransomware is this:
Don’t pay the ransom. Restore the data — this is the only option. In spite of all of the education and implementation techniques that you may employ to stay resilient against ransomware, you should be prepared to defend against a ransomware incident if a threat is introduced. But what you may not have thought about is specifically what to do when a threat is discovered. Here are a few recommendations for remediation to have at your disposal should a ransomware incident happen:
VEEAM SUPPORT
There’s a special group within the Veeam Support organization that has specific operations to guide customers through restoring data in ransomware incidents. Since you don’t want to put your backups at risk, having this support is critical for your ability to recover.
COMMUNICATION FIRST
In disasters of any type, communication becomes one of your first challenges. Have a plan for how to communicate out-of-band with the right individuals. This plan can include group text lists, phone numbers or other mechanisms that are commonly used for on-call but expanded for an entire IT operations group.
EXPERTS
Have a list of security, incident response, identity management, etc. teams ready to contact if needed. They can be within the organization or external experts. If a Veeam service provider is used, there are additional value add-ons to their base offering that can be considered (such as Veeam Cloud Connect Insider Protection).
CHAIN OF DECISION
In recovering from any disaster, who makes the call to restore, to fail over and so on? Have discussions about this decision authority beforehand, so your chain of decision is ready to deploy should an incident arise.
READY TO RESTORE
When it’s appropriate to restore, implement additional safety checks before putting systems on the network again. Additional steps can include restoring with network access disabled for a final check.
RESTORE SAFELY
Veeam Secure Restore will trigger an antivirus scan of the image before the restoration completes. Veeam Secure Restore uses the latest antivirus and malware definitions, with the option of an additional tool, to ensure a threat is not reintroduced.
FORCE PASSWORD RESETS
While it’s not always popular with users, implementing a sweeping forced change of passwords reduces the threat propagation surface area.
According to Veeam’s 2022 Ransomware Trends Report, 44% of ransomware attacks began with a phishing email that either directed the user to a malicious website or caused them to open a malicious file directly on their computer. Phishing emails have become extremely convincing over the past few years and have evolved to use communication methods other than email. No matter how a phishing message is delivered, the end goal is to drive a sense of urgency to get the user to click without thinking.
Learn more about what you can do to spot phishing attacks.
2022 Data Protection Trends
The largest data protection industry report from 3K+ IT leaders