https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • MSP 501 Rankings
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • MSP 501 Rankings
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Data Centers


Hacker

Ransomware: Paying Won’t Always Bring Data Back — So What Now?

  • Written by Channel
  • February 2, 2017
Shelling out bitcoin may free your customer’s files — or it may be money wasted.

Erica AntonyBy Erica Antony

Not a day passes without news about an organization being held hostage with encryption-based malware, aka ransomware. The Internet Crime Complaint Center reported that last year alone, ransomware events cost U.S. organizations $24 million. A recent Trend Micro report revealed that attacks on business emails and business processes will continue to grow in 2017 because they’re cheap and simple forms of corporate extortion. Another survey of SMBs by Kaspersky found that 67 percent admitted that they lost at least some business data to ransomware.

These statistics underscore a growing issue that’s impacting businesses of all sizes — one that executives cannot ignore and will inevitably fall to IT and partners to resolve.

I’m sure the irony of it isn’t lost on many in tech: The same tool that’s designed to help secure your data is now used against you in a criminal endeavor. Because of the way payloads are delivered and the fact that new strains of malicious code are created every day, it’s extremely difficult to prevent ransomware infection even with the most up to date antivirus. Adding insult to injury, once a customer’s data is locked, there’s no easy way out — you’d better have a Bitcoin wallet ready to pay up. Right?

Well, maybe not.

Historically, paying the ransom was successful in most cases. However, with the rising frequency of attacks, that is no longer certain, according to a new report by Carbonite that polled 618 SMB employees with responsibility for containing ransomware infections within their organizations. Of those who had been successfully attacked, just 55 percent say that once the payment was made, the cyber criminal provided the decryption cypher or key. The same number said with some level of certainty that the ransomware exfiltrated data. So clearly, paying up doesn’t always set everything right.

Currently, there’s no consensus on whether to pay ransoms. Even law enforcement, including the FBI, tends to waffle on the subject. I believe you don’t have to pay. Here’s why, and some tips on how to mitigate the damage from a ransomware event.

  • Do not negotiate or pay: While businesses often feel powerless to remedy ransomware attacks and decide to pay the asking price in exchange for an encryption key, giving in to demands may create more problems — attackers now often send bogus encryption keys to extort more money from businesses, destroy or corrupt sensitive files beyond repair, and share a company’s vulnerabilities with other malicious hackers who then demand more ransom. And on. And on.
  • Be proactive instead of reactive: Contrary to popular belief, ransomware is ultimately a data-recovery issue, not a security one. Businesses can, and should, defend themselves with high-performance threat detection solutions. However, there is no product that will stop ransomware 100 percent of the time. The good news is you likely already have a great solution in place to help you out: the good old backup function. Yes, ransomware is increasingly bringing the unsexy backup … back.

By giving a customer room to make its own decisions, you remove the need to negotiate with attackers should ransomware spread and infect business-critical data. An extremely effective way to approach ransomware from a disaster-recovery perspective is by implementing and regularly testing a robust recovery solution with traditional and cloud-based options to turn back the clock and restore business-sensitive data. No ransom needed.     

Want to learn more? Download our free report, DR in the Ransomware Age: Isolated Recovery, DRaaS snd Embracing IT Resiliency to find out how DRaaS solutions have revolutionized RTO and RPO, plus much more.

However, there are some gotchas and best practices to help organizations stay out of the ransomware headlines and keep business running as usual. Remember, backup servers are targets, too.

  • Back up and back up again: Many companies use backup tools to successfully recover affected systems and save their businesses from succumbing to encryption extortionists. With advanced data-protection solutions, they can recover a system from scratch and minimize data loss. Of course, they’d have to get rid of all the infected files and stop the virus from spreading first. But with regular backups, organizations can significantly reduce the amount of exposure and have confidence to recreate a clean system. After all, this is a logical strategy. Wouldn’t a business do the same if somehow it had corrupted a system and its data? The only difference here is the source of the problem.
  • Protect the source machine: Take precautions to prevent infection in the first place, such as training users not to click on links within emails or download attachments from unknown sources and updating software on a timely basis. Perform regular backups, which may include rethinking service-level agreements to ensure critical business data is backed up more frequently. As RPO and RTO windows are increasingly shrinking, businesses need solutions that meet all service level requirements.
  • Follow the 3-2-1 strategy for backup: One of the copies should be offline, and at least one should be off-site. Leverage technologies like virtual standby, enterprise storage-array snapshots and full-system replication, which are more available, integrated and affordable than ever before. These capabilities enable IT teams to achieve near-instant and continuous recovery of an entire system and make “rollback” more precise.
  • Protect the protector — the backup data: If the backup server gets infected or if backup data is on a shared network that is accessible from an infected machine, ransomware can encrypt backup data as well. Obvious but very important!
  • Replicate data to offsite/cloud: Periodically, copy recovery points to offline media. Consider leveraging tape as a backup medium for critical data (more sexy). This oldie but goodie comes in handy to send periodic recovery points offline.

In many ways, the onslaught of ransomware is the biggest threat to customers today; however, it also offers businesses an incentive to re-assess business continuity and disaster-recovery strategies to ensure no area has been overlooked. By combining a solid threat detection and malware eradication solution with a robust data availability plan, partners can equip customers for the fight against ransomware. It all starts by educating end users and applying best practices to protect their environment. And if organizations have total confidence in their data-protection solution, they can to go from infection to recovery without worrying about having to make the choice between paying or not paying during a ransomware attack.                                                        

Erica Antony has spent more than 15 years working with businesses on how to approach evolving and data loss challenges. She is currently VP of product management at Arcserve.

Tags: Agents Backup & Disaster Recovery Business Models Data Centers Security

Most Recent


  • Making Waves
    7 Channel People Making Waves This Week at TD Synnex, Veeam, Kaseya, Zendesk, More
    Microsoft has discovered malicious activity by a state-sponsored threat actor based in China.
  • Businessman reading cloud computing news
    Cloud Computing News: VMware, Celigo, Google Cloud, AWS Dominate the Week
    Find out what the vendors are up to this week and how partners are impacted.
  • OffSec Partners Get Expanded Global Partner Program
    The expanded partner program includes three new partner types.
  • Tech investments
    3 Ways Businesses Can Optimize Their Tech Investments
    Help customers start small, minimize risk and demonstrate business value in a condensed time frame.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Conflict Boxing Gloves
    Channel Conflict, Controversy: SolarWinds Hack, Racism, Layoffs, Zoom-RingCentral
  • Social media smartphone
    Social Media Roundup: Partners Talk Crypto, Security Hiring
  • Europe skyline
    The Master Agent Model Is Taking Off in Europe
  • DIY Network and Security Management 'Gotchas'

Upcoming Events

View all

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Channel Partners Conference & Expo

March 11, 2024 - March 14, 2024

Galleries

View all

7 Channel People Making Waves This Week at TD Synnex, Veeam, Kaseya, Zendesk, More

June 2, 2023

Cloud Computing News: VMware, Celigo, Google Cloud, AWS Dominate the Week

June 2, 2023

Channel People on the Move: HPE, Lumen, Sophos, TD Synnex, AireSpring, More

June 1, 2023

Industry Perspectives

View all

Dell Technologies World: Dell Apex Expanded Across On-Premises, Cloud and Edge

May 22, 2023

Identity Is Increasingly Valuable – and Targeted

May 18, 2023

Gaining a Competitive Advantage through AV Managed Services

May 10, 2023

Webinars

View all

From Problem to Profit: Mastering the Science of Selling Using Business Outcomes

May 9, 2023

Meet the 2023 Channel Futures Channel Influencers

April 13, 2023

DE&I Dialogue: How the Right DE&I Initiatives Can Propel Your Business

April 5, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode No. 123: MartinWolf M&A Advisors, CP Expo Preview

UScellular Takes On Rivals with Partner Program Simplicity

April 21, 2023

OpenText Simplifying Deal Registration, Doubling Down on MDF

April 21, 2023

Everything-as-a-Service: CloudBlue Touts Critical Customer Transition

April 18, 2023

Twitter

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X