The debate of whether or not organisations should pay ransoms to cybercriminals in return for their unencrypted data has been going on for years. On one hand, as data is now the lifeblood of almost all organisations a successful ransomware attack can mean business closure. However, succumbing to the ransom is only fuelling the cybercrime economy which is now estimated to be the 3rd largest in the world. But a recent report into ransomware attacks may add weight to the notion of never paying the ransom.
The Sophos’ State of Ransomware 2020 report has found that the recovery costs resulting from a ransomware attack is almost double if the victim organisation pays the ransom (£1.1 million) compared to if they don’t (£593,000).
Mitigating Ransomware Attacks
There are two main security areas that organisations can bolster in order to better protect themselves from ransomware attacks; security awareness training for employees to identify potential phishing emails and air gap data backup solutions to secure your data should an attacker get into your network.
Security awareness training is key for any business trying to successfully defend against cyber threats and an accompanying simulated phishing service can highlight the vulnerabilities in your workforce before they’re exploited in real life. A simulated phishing attack is sent to your employees and the results of clicks or logins submitted are compiled into a tailored report for visibility into your weakest areas. Should employees click on the simulated phishing email, they will be notified and directed to a training page on how to spot a phishing email.
Whilst educating employees can help mitigate a successful cyber attack, humans aren’t flawless and businesses need to be prepared for a successful network breach. That’s where an air gap backup solution comes in to play.
What is an air gap?
An air gap is the storage of data that is isolated from the internet or LAN, so why is it powerful? A hacker who has gained entry to your network remotely (via the internet) will not be able to access any air gapped data backup as there is no connection to access the data. Air gapping is essentially building a moat around your data and should you be hit with ransomware, your air gapped back up data will be untouched (and more importantly unencrypted). There are, however, challenges to using an air gap backup solution given it’s very nature of not being connected to the internet or LAN. These are better explained by Celerity’s storage and data protection expert, Darren Sanders, in an episode of Security Panel – ‘Securing Your Data Backups’.
Ransomware attacks are not going away anytime soon, but with a security aware workforce and the appropriate security tools implemented you can help mitigate the risks posed by them. If your IT department is maxed out or does not have the skills to manage these tools, then you can partner with managed cyber security services partner like Celerity to alleviate some of the pressures. Speak to us today and let our team of security experts be an extension to your organisation’s IT department and fill in those resource gaps.