If you’re unlucky enough to be infected by a ransomware attack, you can recover encrypted files by implementing an effective backup strategy.
The threat of a ransomware attack is an unfortunate reality for organisations in 2016. The number of attacks has increased five-fold in the past year, and this trend is set to continue.
Even with security measures and employee awareness training in place, malware such as CryptoLocker and CryptoWall can still slip through the gaps. And if it does, the consequences can be serious. Implementing an effective, appropriate backup strategy will enable you to recover encrypted files that have been compromised by a ransomware attack.
What is Ransomware?
Ransomware is a form of malware. It is utilised by cybercriminals to extort money from victims. There are a number of forms of ransomware, such as CryptoLocker and CryptoWall, but they all operate in fundamentally the same way.
Ransomware payloads are typically delivered via email, either in attachments or web links, or through users visiting compromised websites. Once the ransomware has infected a PC, it encrypts all files on local and shared drives.
The user is then given a notification that their files have been encrypted. They are told that to get the unique 2048-bit RSA key required to unencrypt the files, they will need to pay a ransom. This ransom will generally be paid in an online currency such as Bitcoins. There is often a time limit imposed before the decryption key is destroyed, putting pressure on the user to pay the fine.
What are the Consequences of Ransomware?
Depending on the shared drives that the infected PC has access to, ransomware attacks have the potential to encrypt large numbers of business-critical files. Once a file is encrypted, it is rendered unusable: you can’t view it, and you can’t edit it.
For a business that becomes infected by a ransomware attack, the consequences can be crippling. With significant operational, financial, and reputational damage all possible, many organisations choose to simply pay the ransom in the hope that they will receive the decryption key and regain access to the files.
Recover Encrypted Files through Traditional Backups
If your files have been encrypted and you don’t want to pay the ransom (or you have paid the ransom but haven’t received the decryption key), the only way to recover encrypted files is through backups.
However, even when backups are in place there are factors that complicate the process to recover encrypted files: –
- Recent varieties of ransomware have started to encrypt files slowly over several days or weeks, only notifying users of the infection after a longer period of time. To restore systems to their pre-infected state, days or even weeks of changes to unencrypted files can be lost.
- To restore large numbers of files, the recovery time can be very long. If business-critical files take several days to recover, this can have a significant operational impact on the organisation.
With these complicating factors in place, it’s easy to see why many organisations choose to take the hit and simply pay the ransom.
However, there is a better way.
Recover Encrypted Files through Effective Backups
The latest backup technology, such as that which is offered by AssureStor through its backup2cloud platform, resolves the issues presented by the most recent ransomware varieties. The platform provides smart restore functionality that enables organisations to recover encrypted files rapidly.
The backup2cloud smart restore functionality allows organisations to target and recover only the files that have been encrypted as a result of a ransomware attack. This drastically reduces the recovery window, allowing for the restoration of files within minutes rather than hours or days. It also means that data loss is minimised, as users won’t lose work that they have carried out on unencrypted files subsequent to the infection.
This makes the backup2cloud platform, powered by Asigra, an effective backup solution that allows organisations to recover encrypted files efficiently, without paying ransoms to cybercriminals.
Safeguard Your Business-Critical Data
Prevention is always better than cure, and your organisation should have measures in place to prevent ransomware attacks. However, should the worst happen and you become infected, you need to be sure that you can recover encrypted files as quickly as possible and with minimal impact to users. To find out more about how the backup2cloud platform can help safeguard your business-critical data, please contact us.