Recovering from Ransomware When Prevention Fails

The cost of ransomware passed $7.5 billion in 2019. That same year the FBI received 1,300 daily complaints about ransomware incidents. These attacks don’t just target a business’s single endpoint. They can infect its entire network in seconds if they can penetrate remote management software. On top of the increasing ransomware threat, businesses are producing more data than ever. In fact, according to a StorageCraft Global Research study, 86% of experts believe data volume will increase 10 times or more in the next 5 years.

With increasingly targeted ransomware attacks and an explosion in data creation, it’s clear why businesses must take a more sophisticated approach to data protection. The only thing between your business and data loss or a ransom is a disaster recovery (DR) plan. Ransomware is everywhere, and sooner or later your business will be attacked. When that happens, how will you recover? Recovery starts with a clearly defined plan.

Ransomware Planning: It’s Working (Mostly)

The good news is that although more businesses are succumbing to ransomware, at the same time more businesses are recovering safely. According to our recent webinar, StorageCraft has seen an 8X growth in ransomware restorations since 2017. Businesses that can recover have a plan, execute it, and ultimately prevent data loss.

But remember, a plan should account for protecting data as well as reducing downtime. Although data may be safe with basic data protection measures, many businesses take days—or even weeks—to recover if there’s a significant failure event. According to data from StorageCraft’s recent global study, only 15% of businesses can recover from severe data loss within an hour. When downtime can cost as much as $5600 every minute, even an hour can be expensive.

Rather than watch dollars slip down the drain, let’s look at how to build a solid plan that prevents data loss and costly downtime.

Three Steps for Building a Rock-Solid DR Plan for Ransomware

A disaster recovery plan should evolve as your business does. Ransomware is a big threat today, but what threats will tomorrow bring? The following steps are a part of a planning cycle that will help protect your business from whatever threats appear down the road.

Goal Setting and Documentation

It all starts with a set of recovery goals and thorough documentation of your network. Be rigorous because there are plenty of mishaps that can cause expensive downtime—not just ransomware.

• Develop solid recovery point and recovery time objectives
• Document people, equipment, communications, dependencies, and processes
• Create test cases for every location (e.g., onsite, offsite, cloud, and so on)

Testing and Executing

As Mike Tyson famously said, “Everyone has a plan until they get punched in the mouth.” Test your plan so you’re not caught off guard when ransomware comes swinging.

• Create a rigid protocol for regular testing
• Monitor backups to ensure that they’re taken successfully
• Validate backups by using them for test recoveries
• Test full recoveries of endpoints and your entire network (if possible)

Review and Revise

No plan should ever be considered final. Update your plan on a regular basis—when new threats present themselves or following a failure event.

• Identify areas of weakness and revise plans
• Check for faulty testing methodologies, faulty assumptions, or failures in notifications and monitoring systems
• Evaluate recovery objectives and your ability to meet them. Revise plans as needed

Of course, your plan will work best if you have disaster recovery solutions you can rely on.

Using Next-Gen Disaster Recovery Solutions

StorageCraft provides a bevy of data protection solutions businesses can tailor to their needs. For ransomware protection, many businesses depend on StorageCraft Cloud Services, a sophisticated offsite disaster recovery as a service (DRaaS) cloud-based platform. Should ransomware impact a system or entire network, you can instantly recovery backups from the cloud in seconds. That means no data loss, no paying ransoms, and an absolute minimum amount of costly downtime.

For a detailed technical deep-dive demo on DRaaS, register now to watch this StorageCraft webinar.