The U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) ransomware site US-CERT defines ransomware as: “a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.”
Ransomware attacks from cybercriminals have cost victims many millions of dollars, with one study suggesting the 2020 total cost could ultimately total $1.4 billion in the U.S. Victims of the largest attacks include organizations from every industry, government agencies, IT providers, and educational institutions. No organization is immune, but there are strategies to help ensure your organization is prepared.
A ransomware attack is one of the worst-case recovery scenarios that organizations can face. An impacted company or agency will likely be dealing with widespread operational and logistical issues caused by the attack. Rubrik has helped a number of customers successfully recover from ransomware attacks. As a result, we developed a set of best practices to help plan for, identify and remediate ransomware attacks. Ransomware attack planning best practices consist of the following five basic steps:
If your IT resources are breached by ransomware, you must be ready to address that attack immediately. A ransomware recovery plan should include the following tasks:
Rubrik is not a ransomware prevention solution. Instead, it is a last line of defense for the detection and remediation of an attack. By using machine learning, Rubrik can detect when data has been changed by ransomware through the introspection of backups. Uninfected copies of that data can then be identified and used to surgically restore data following a ransomware attack. Otherwise, entire systems must be recovered resulting in the loss of good data that has not been infected.
Contending with a ransomware attack involves far more than paying or not paying a ransom. The real concern is protecting your critical data. Being prepared to deal with an attack and having a plan for recovery from an attack will help safeguard organizational continuity.
Learn more about how Rubrik’s approach can help you protect against ransomware attacks.