Secure Your Cloud Backup from Ransomware

03.05.19

Cybersecurity threats and attacks are always evolving. Viruses, worms, trojan horses, spyware, adware, and scareware have all been around for a long time. One type of malware, however, has been grabbing headlines and creating headaches for users and IT professionals alike: ransomware. Read more to find out how you can secure your cloud backup from ransomware.

What is Ransomware?

Ransomware is a form of malicious software — malware — that encrypts documents on a PC, server, or even across a network. Victims can often only regain access to their encrypted files and systems by paying a ransom, typically in Bitcoin, to the criminals behind the ransomware.

A ransomware infection often starts with someone clicking on what looks like an innocent attachment, and it can be a headache for companies of all sizes if vital files and documents (think spreadsheets and invoices) are suddenly encrypted and inaccessible.

What do the numbers say?

Ransomware attacks rose 350% worldwide from 2016 to 2017 (Dimension Data, 2018)
48% of IT consultants reported an increase in ransomware-related support inquiries from customers across 22 different industries during 2016-2017(Intermedia, 2017)
25% of cyber insurance claims in 2017 were related to ransomware (AIG, 2018)
Total losses due to WannaCry ransomware are forecasted to reach $4 billion (Cyence, 2017)
72% of businesses hit by ransomware lost access to data for at least two days; 32% lost access for five days or more (Intermedia, 2017)

How can you protect yourself from Ransomware and secure your cloud backup from ransomware?

Ransomware can find its way even around today’s sophisticated malware protection. The best approach to security is multi-layered and requires vigilance from both IT professionals and their end users. Here’s how you can secure your cloud backup from ransomware:

Always keep backups. Data can’t be recovered if it isn’t backed up. Have a strategy in place that covers every user, device, and file.
Lock down administrative rights. Don’t give users administration rights, even on their machines, unless it’s necessary.
Stay up to date. Keep systems and apps current with the latest patches to avoid exploits that rely on outdated code.
Keep every endpoint protected. Gateway protection can’t help when users insert a rogue USB stick. Make sure every endpoint has complete, current security.
If an email looks suspicious, it probably is. Teach users to trash emails that look like spam. Better yet, show them how to inspect email headers if they’re unsure of the sender.
Don’t open attachments. Unless your users are absolutely, positively sure that they recognize both the sender and the file, it’s better to leave attachments alone. If they do open attachments, they should never enable macros or executables. Suggest other ways to share documents that require authentication and have built-in virus scanning.

Veeam Insider Protection

At Thrive, our primary focus is protecting businesses’ data from any cyber threat or environment. Recently, cybercriminals have been becoming more sophisticated and learning to target backups as well as primary systems. Being in the business of offering total data protection, it was clear something had to be created to avoid such threats. As a Veeam Platinum Cloud Provider, Thrive can now provide an additional new solution to keep your data safe.

With the release of Backup & Replication 9.5 Update 3, Veeam introduced the concept of a Recycle Bin for customers sending offsite cloud backups using Veeam Cloud Connect. Coined Insider Protection, the solution enables a deleted backup protection option. This adds a new level of data security for cloud-based backups in the case of a malicious user gaining access to your backups or in the case of accidental deletion by an administrator.