How to Protect Against Ransomware Like ‘Wanna Cry’

One of the biggest cyberattacks in history ripped through more than 100 countries across the globe late last week, leaving nothing but damage in its wake. The “Wanna Cry” attack starting making rounds on Friday, May 12 and continued throughout the weekend.

The cyberattack hit public service, government and commercial businesses, according to Commvault, and left many in the enterprise wondering if they had implemented the proper backup and disaster recovery tools.

The moment an organization becomes the victim of an attack, decision makers typically have two options. They can pay up, and Commvault suggests making Bitcoin a line-item in your budget if this is your fallback, or implement your data recovery plan.

“Having a data recovery plan has always been a must, but what was once good enough may now leave you exposed in this new reality,” a Commvault blog post said. “In today’s world, the scope and complexity of ransomware attacks continues to escalate.”

The post went on to say that the complexity is doubled when vital business apps are running on older and often unsupported operating systems. A data platform is important given that it covers your core enterprise along with public and private cloud environments. Plus, this type of platform will also provide endpoint protection.

The following list of best practices was provided by Commvault to help you recover from ransomware attacks.

  1. Develop a program that covers all of your data needs.You must identify where your critical data is stored, determine your workflows and systems used to handle data, assess data risks, apply security controls, and plan for evolving threats. If it is not protected, it cannot be recovered.
  2. Use proven data protection technologies. You need solutions that detect and notify of potential attacks, leverage external CERT groups, identify and prevent infection, maintain a ‘GOLD’ image of systems and configurations, maintain a comprehensive backup strategy and provide a means to monitor effectiveness.
  3. Employ Backup and Data Recovery (DR) processes.Don’t rely solely on snapshots or replica backup. Your backup process data could just as easily be encrypted and corrupted if it is not stored in a secure way where a ransomware attack cannot get to it. If your process or vendors don’t offer ransomware protection that addresses the proper way to store your data, then your backup plan is at major risk!
  4. Educate employees on the dangers of ransomware and how to secure endpoints.Train your staff on all DR and data security best practices to get endpoint data protected within your Information Security Program. Most breaches are from good people making simple mistakes.

“Ransomware has proved to be one of the most effective ways to infiltrate an organization, and cyber criminals are increasingly becoming better at embedding viruses into innocent-looking email attachments. Today’s extensive cyberattacks on Britain’s National Health Service and the many cases before it, continue to reinforce the need for organizations to figure out how to classify, separate and wall off their data in order to reduce the risk of data being inappropriately accessed and permanently lost,” according to Commvault’s Senior Director of Solutions Marketing Don Foster. ” Discussions need to take place at the board level about an organization’s data recovery strategy and its intersection with its security and ransomware strategy in order to keep sensitive data out of the hands of the wrong people.”

Take a look at your current ransomware threat preparation and implement these steps if you haven’t already. If you find your business infected in the future, these items will help you recover in the fastest way possible.