Wake-Up Call to Protect Against Ransomware
Well, if you are one of the businesses that hasn’t yet taken action to protect your IT systems against ransomware attacks, last Friday was your wake-up call. Hundreds of companies across many countries – including most alarmingly the NHS in England – were hit by the ‘WannaCry’ ransomware virus. IT teams who have up until now taken the attitude of ‘it couldn’t happen here’ now need to sit up and take notice.
Like many others, I read with increasing alarm the impact of the ransomware virus as it unfolded on Friday and over the weekend. Most concerning and upsetting was the fact that people’s health and lives were being put at risk by NHS patient data files and medical systems being encrypted, highlighting in no uncertain terms the huge cyber-security challenge faced by the Healthcare industry. But companies in all industries should see this in the context of the financial risk they face in the now highly likely event of a ransomware attack – how much would you be prepared to pay to unlock mission-critical files that could stop you doing business for days or weeks?
I was most struck by advice given in the UK Financial Times this morning:
“The best way to protect against ransomware is to back up your data frequently so that you can go back to a recent archive in the event of an attack.”
It sounds so simple and yet so many companies, both large and small, do not have the proper backup and disaster recovery processes in place that are invaluable – and indeed can avoid the need to fork out huge sums – in the event of a ransomware attack. Just recently, iland has had customers who have successfully recovered from ransomware attacks using the built-in 7 day backups available on our secure cloud hosting solution.
Here’s 3 ways our customers are using secure cloud hosting, cloud backup and Disaster-recovery-as-a-Service (DRaaS) to both protect against and remediate from ransomware attacks.
Cloud Security: Advanced cloud security features are essential in the war against ransomware to protect both hosted production workloads and replicated DR workloads in the cloud. In the case of the WannaCry virus, many IT systems were impacted because of a vulnerability in unsupported versions of the Windows XP operating systems. Constant scanning and identification of vulnerabilities is provided by the iland Secure cloud which, along with reporting and alerting, enables customers to patch these vulnerabilities before a ransomware virus has the opportunity to infiltrate files. Vulnerability scanning as well as encryption, intrusion detection and prevention, integrity monitoring and log inspection are essential to both cloud and on-premises IT systems. In fact, many iland customers are able to identify system vulnerabilities and risks during DR testing that they had not identified with on-premises security tools, enabling them to address these before being targeted by a cyber-attack.
Cloud Backup: Most IT pros reading this will have a data backup strategy in place – but how many have data backed up in an off-premises location or the security of knowing that data can be restored from a ‘clean’ VM in the cloud in just seconds? iland has built-in 7-day backups on our Infrastructure-as-a-Service (IaaS) offering which can be extended to 30 and 90 day backups. Many customers, realising the need to have a remote, secure location for backups, are also leveraging our Secure Cloud Backup with Veeam solution which stores an up-to-date copy or secondary copy of virtualized applications in iland’s cloud, restoring files and virtual disks back to the local environment as needed.
Disaster Recovery: The combination of aggressive RTOs and RPOs as well as journaling makes DRaaS a very effective weapon in the battle against ransomware. Our DRaaS customers are able to failover production to the iland Secure Cloud in the event of a ransomware attack and restore production systems within minutes or even seconds. Journaling with the iland plus Zerto DRaaS solution – whereby a running list of storage “writes” are kept in a special log file called a journal -enables granular restoration of virtual machines from specific points in time to enable you to failover to a point in time before the ransomware attack. I’m sure many IT managers who were victims of the ransomware virus this past weekend would have loved to have had this capability available to them.
Many business have now had their ransomware wake-up call – the good news is that there are ways to protect and remediate from ransomware and now is most definitely the time to take action. Contact iland to find out how to protect your business from the, unfortunately inevitable, ransomware attacks that will come in the future.