How to recover from a ransomware attack faster and return to business acceleration
Article by Pure Storage vice president and field chief technology officer for APJ, Mark Jobbins.
Most businesses in Australia and New Zealand have moved past the initial stages of responding to and recovering from the coronavirus pandemic and are now looking towards business acceleration. But this acceleration can be derailed in an instant if a business suffers a successful ransomware attack or cyber breach.
Businesses need to act immediately to ensure that, if this occurs, they can recover swiftly and get back to a state of business acceleration without sustaining significant losses.
The risk of a ransomware attack is significantly higher in Australia than anywhere else in the world, with 67% of Australian organisations suffering a ransomware attack in 2020 compared with the global average of 57%. A further 23% of Australian organisations accept that they are likely to be targeted by a ransomware attack at some point, leaving just 11% confident that they won’t be targeted. The cost is also higher for Australian organisations who pay the ransom, with an average cost of AU$1.25 million for each breach.
In New Zealand, more than 50% of organisations had been successfully targeted by a ransomware attack, and 20% estimated that their organisation was affected by 16 or more ransomware attacks per quarter.
With the risk of attack so high, organisations looking to continue accelerating their growth need to have a proactive plan in place to protect themselves. Cybersecurity tools are essential, but ransomware attacks often bypass cybersecurity tools or exploit vulnerability gaps. When this happens, the only option is to pay the ransom unless the organisation has a reliable, protected backup that it can practically revert to.
Most organisations back up their data for disaster recovery and business continuity purposes. However, restoring data from these legacy systems can be slow and cumbersome, with no guarantees. And, if the backup data is also corrupted, then the organisation may have no choice but to pay the ransom and hope the attacker decrypts the data without further damage.
To avoid this scenario, organisations should choose a backup data storage solution that locks down data, protecting it from malicious attacks. By creating an immutable snapshot of backup data and associated metadata catalogues, this type of solution can prevent the data snapshot from being deleted, encrypted, or modified.
Even when attackers gain admin privileges, the data snapshot remains off-limits. This is a reliable way to keep data safe from attack. The next step is to restore that data quickly and effectively. This capability relies on the backup architecture. It needs to bring in all of the data from the organisation’s many silos without getting slowed down. The faster the data can be restored, the sooner the organisation can get back to business acceleration.
Organisations should look for a rapid restore solution that delivers a data-recovery performance of at least 270 terabytes per hour for both production and test or development workloads.
Avoiding the costly downtime that usually accompanies a ransomware attack is a huge competitive advantage in an era when ransomware is one of the most significant business risks.
When an organisation can recover quickly from a ransomware attack, customers and partners gain confidence in the business, letting the organisation accelerate its growth safely and reliably.