Ransomware and Disaster Recovery Plans

by admin | November 22, 2021

Ransomware and Disaster Recovery Plans

Disaster recovery is a basic element of good business continuity planning. Business continuity planning refers to the broad range of plans created so that a business can continue to be operational no matter what negative event might occur. Business continuity planning addresses severe, catastrophic events, loss of principals in the organization, severe natural disasters that incapacitate a physical location, etc. Disaster recovery planning is one piece of this broad planning. Specifically, disaster recovery plans refer to how to quickly recover from some event that compromises your IT infrastructure.

In general, smaller businesses–which often have no IT support staff - will utilize the services of a managed service provider to develop disaster recovery plans. One piece of your disaster recovery planning needs to address how the practice can protect its data from a ransomware attack. Unlike more well-known viruses, ransomware doesn't just access your data, it locks it down so it is unusable. The business model behind this approach is simple: They are betting you will have no segregated backups and will be willing to pay in order to access your data. However, since ransomware is utilized by a criminal element, there is no assurance of any of the following:

  • You will get all your data back
  • That advanced persistent threats will not remain
  • That valuable data will not be sold on the dark web, risking PII exposure

The only real defense against a ransomware attack is offensive and strategic. Just routinely making backups of your data may not necessarily protect it from being held hostage. Talk to your managed service provider about the design of your backups and how they are structured so that you will always have a “clean” copy of your data. If you want to defeat the designers of ransomware, your only real solution is to have uninfected backups. As long as you have these, you can simply refuse to pay the ransom. In the case of this virus, offense is the only defense that will keep your business data safe.

The FBI advises not paying the ransom

You’re dealing with criminals after all. The FBI and CISA track these incidents and reporting with one or both agencies is advised. You can find the tools here.


Comments:

Loading Conversation