Estimated 200,000 Computers Crippled
An apparently random attack using a strain of malware called “WannaCry” started gaining traction on a Friday and spread like wildfire through the weekend. Like other ransomware variants, WannaCry spreads as a worm, scanning computers on the network for vulnerabilities and leapfrogging from one organization to the next. WannaCry targets outdated software like Windows XP or Server 2003, capitalizing on the fact that these systems are no longer actively updated. This ransomware instance demands $300-600 per infected computer in order to unlock encrypted files.
The initial rapid spread of WannaCry was slowed when malware researcher Marcus Hutchins discovered a domain in the ransomware’s code, noticed it was unregistered, and bought it out of curiosity. Apparently registering that domain acted as a kill-switch; Hutchins admitted it was a happy accident and received a week off from work in recognition of his efforts (purposeful or not). Still, at least 2 additional variants of this ransomware have already been detected, and may bloom in force as workers return to the office today.
The Best Defense is Backup
It’s important that employees are properly trained in avoiding ransomware infection and that antivirus software is up to date, but as ransomware continues to evolve there is no way to guarantee that prevention will be effective – it’s just impossible to predict how the next version will look or act. The failsafe method to protect your critical files and maintain business continuity in the event of a ransomware infection is to maintain comprehensive and effective backups.
If one or a few workstations/servers/virtual machines are infected, having an onsite backup with up to date versions of files allows you to quickly restore and get back to business. Make sure your backup solution includes a dedicated backup appliance that lives locally, or at least a virtual, centralized software instance that can provide quick restores over your LAN. In addition to backing up document folders, emails, and shortcuts, make sure you can save “bare metal” backups which allow you to restore a laptop, desktop, server, or virtual machine from scratch, exactly how it was configured and with all documents and files intact.
Having local backups is one half of the puzzle. A complete data protection solution provides disaster recovery for a range of data loss scenarios; whether you’re trying to restore a file that’s aged out of the local backup retention policy, a ransomware attack is holding your LAN hostage, or your building burns down, offsite backups offer business continuity that’s necessary for every organization. Utilizing offsite backups provides extended flexibility, allowing you to determine what data should be prioritized for rapid local restores and what should be maintained as a virtual copy in your personal virtual disaster recovery cloud. In a worst-case-scenario, you can plan to run your entire business from backed-up versions of your local systems until you can revert to normal operations.
Teamwork Makes the Dream Work
Setting up and implementing a comprehensive data protection plan can be daunting, but that’s what we’re here for. Partner with Armada Cloud and take advantage of our data protection and disaster recovery platform so you can focus on what’s important.