Expert Comments: Ransomware Victims Thought Their Backups Were Safe. They Were Wrong

The UK‘s cybersecurity agency has updated its guidance on what to do after a ransomware attack, following a series of incidents where organisations were hit with ransomware, but also had their backups encrypted because they had left them connected to their networks.

Keeping a backup copy of vital data is a good way of reducing the damage of a ransomware attack: it allows companies to get systems up and running again without having to pay off the crooks. But that backup data isn’t much good if it’s also infected with ransomware — and thus encrypted and unusable — because it was still connected to the network when the attack took place.

The UK‘s National Cyber Security Centre (NCSC) said it has now updated its guidance by emphasising offline backups as a defence against ransomware.


EXPERTS COMMENTS
Javvad Malik, Security Awareness Advocate,  KnowBe4
February 28, 2020
Offsite backups are important to prepare for any sort of incident, but are even more important in the case of ransomware.
Offsite backups are important to prepare for any sort of incident, but are even more important in the case of ransomware. However, even backups alone may not be sufficient. We're seeing ransomware evolve to the point that the criminals steal critical information from organisations when they infect them with ransomware. They then try to extort the company, its customers, and partners for money in o ....
[Read More >>]
Martin Jartelius, CSO ,  Outpost24
February 28, 2020
Similarly, ensuring that the backup system is not granted write-rights to the systems it backs up is equally critical.
This has been something stressed for a long time by security organizations, a backup should be protected against getting overwritten, and offline- offsite backups are a strong recommendation, both to ensure a capability to restore and the integrity of the information. Similarly, ensuring that the backup system is not granted write-rights to the systems it backs up is equally critical, as otherwis ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article