Ransomware & Disaster Recovery

Are you interested in more robust Disaster Recovery measures without having to manage the technology yourself? Disaster Recovery as a Service (DRaaS) provides all the capabilities you need, but as an outsourced service, saving you in both money and other critical resources.

Disaster recovery should be a primary concern for organizations of all sizes and types. No matter what the cause, when your business is taken offline, you have to know that you can return to your work quickly, without any subsequent data loss. 

Kraft Technology Group’s President Don Baham recently joined AJ Kuftic, Principal Technologist, from Expedient on a webinar to talk about ransomware and Disaster Recover as a Service (DRaaS). Check out the full recording here to learn more:

YouTube video

What Causes Data Loss?

  • Hardware Failure causes 40% of data loss incidents. Hard drives fail every day for a variety of reasons. While some failures occur simply because the hardware becomes worn out, others fail prematurely due to external factors like overheating or water/fire damage.
  • Software Failure causes 34% of data loss incidents. Similarly, errors with your software can be just as detrimental to your data. Running too many programs at once, or relying on outdated or unstable software can quickly lead to a crash, which will often lose any unsaved work you had open when the program crashed.
  • Power Outages cause 35% of data loss incidents. The fact is that mother nature doesn’t care if you backed up your work or not. A server room flood, vital infrastructure being knocked out by winds, and even worse during a major weather event can knock out power. These disasters can quickly erase both local and offsite data reserves if your backups aren’t far enough away from your offices.
  • Human Error causes 20% of data loss incidents. Every day we create, update, save, and delete files; it’s just part of our everyday business life. It’s no wonder that sometimes, we delete files or overwrite files by accident. It’s just the cost of doing business.

However, in addition to these non-malicious causes of data loss, you also have to be on the lookout for cybercriminals using weapons such as ransomware.

What Is Ransomware?

Ransomware is a type of malware that encrypts the target’s data (making it unreadable and inaccessible) and holds it for ransom. It targets all data on the target’s systems, making it impossible for them to ignore until they pay the ransom, or wipe the data.

That’s why any protective measures you employ should help to limit the possibility of ransomware entering your systems, as well as providing redundancies for when it does.

There are are a range of ways that hackers trick targets into downloading ransomware:

  • Phishing: Phishing is a hacking technique that “fishes” for victims by sending them deceptive emails. Phishing attacks are often mass emails that include ransomware as an attachment.
  • Malvertising: Hackers have found vulnerabilities in many popular, modern browsers like Google Chrome and Mozilla Firefox. They spam users with official-looking pop-ups informing them of an “infection” or “security alert,” prompting them to download a file or click a link. That’s where the ransomware comes into play. As with so many of these methods, it just comes down to getting the user to interact with malware in some way without knowing it.
  • Remote Desktop Protocol: RDP is a known infiltration point for cybercriminals, especially for unpatched systems.
  • 3rd-Party Remote: Many cybercriminals are attacking third-party remote-control tools as they know that once they can gain access to a remote control tool, they will have access to several machines that can be infected.
  • Out Of Date Hardware: Many of the most common malware and viruses used by cybercriminals today are based on exploiting those programming flaws; to address this, developers regularly release software patches and updates to fix those flaws and protect the users.

Major ransomware attacks keep happening for one simple reason: they’re effective. You’ve probably heard plenty about what a ransomware attack can cost an organization like yours. According to Beasley Breach Response’s 2019 noncompliance report:

  • The average ransomware payout is $116,000
  • The highest ransomware demanded by cybercriminals was $8.5 million
  • The highest ransom paid by a target organization was $935,000

Threats like these are why you need to take every possible step to protect your data.

Disaster Recovery As A Service (DRaaS)

Investing in DRaaS allows you to replicate the hosting of physical or virtual servers managed by a trusted third-party to provide failover in the event of a man-made or natural catastrophe. The key benefit is that you don’t have to manage the technology or processes involved in Disaster Recovery – you outsource it entirely. 

DRaaS can be very beneficial to business owners, as it allows you to eliminate the high cost of purchasing software and hardware to support your disaster recovery efforts. Your third party will install, configure, host, and provide help desk service for all of your software applications. They’re responsible for making sure that all updates and patches are completed on time.

Like this article? Check out the following blogs to learn more:

The Need for Cybersecurity Expertise at the Board Level for Banking

The new Health Industry Cybersecurity Practices (HICP)

NIST’s Small Business Cybersecurity Corner