DR vs. Ransomware
Fight the Enemy Where They Aren’t
Why Disaster Recovery systems are vital to countering ransomware threats.
by Jordan McQuown
Suffering a ransomware attack is a costly proposition for every modern organization. There are various cyber-security threats that companies must counter on a daily basis, from phishing and denial-of-service attacks to zero-day exploits and simple human error. But of all the threats lurking in today’s digital world, ransomware is by far the most menacing, a profitable “mechanism of chaos” for hackers and cybercriminals.
A perfect example of the destructive and pervasive nature of ransomware attacks occurred in May 2017. In just one day, the infamous WannaCry attacks infected more than 230,000 computers in 150+ countries. In the aftermath, even though organizations quickly employed reactive countermeasures such as decryptors, the threat persisted and still shows no signs of diminishing, especially for small and medium-sized businesses (SMBs), who are perfect targets due to:
- Single, flat environments. When using plug-and-play equipment and default settings, malefactors can easily penetrate predictable setups.
- Insufficient security protocols. Every organization should have a set of documented, unique security rules and procedures based upon application needs and industry compliance requirements.
- Budgetary constraints. While neither glamorous nor revenue-generating, assessing network vulnerabilities and budgeting for adequate security measures is vital to maintaining mission-critical data systems.
- Lack of knowledgeable internal IT staff with security expertise. Most small businesses have a bare-bones IT department whose knowledge is limited to their background and experience level. Outsourcing security programs to a team of experienced engineers, skilled in every aspect of network development (SQL, networking, security, etc.), yields effective systems and peace of mind.
It is readily apparent that companies must proactively move to minimize risks. But which risks should you address? With the threat of ransomware attacks persisting and financial/prestige implications consistently rising, many organizations choose to spend budget allocations on cybersecurity software for protection. Certainly, you want to build a digital shield to protect your systems; however, it is crucial to note that it is virtually impossible to stop every attack, especially for large businesses with complex infrastructures and ever-changing employee pools.
We recommend to clients that, rather than putting all their faith (and money) into preventative measures, they also focus on resiliency and recovery systems for quick and accurate rebounds in the event of an attack. The key questions that CIOs/CSOs/CTOs must ask themselves:
- Have we recognized the need for HA/DR systems?
- Do we have an emergency plan in place for when systems are compromised?
- Do we have adequate backup systems that ensure data fidelity?
- What do we consider acceptable recovery times for restoring data after a breach?
Despite the obvious threats to corporate data that we see in the news on a weekly basis, internal research conducted by George Jon discovered that 56% of organizations do not have a disaster recovery plan in place should they fall victim to a cyber-attack. In addition, only one in four (26%) IT decision-makers feel extremely confident in their organization’s ability to recover data in time to avoid business disruption. These figures illustrate how unprepared most large businesses are for dealing with threats to data systems.
Traditional security efforts concentrate on endpoint protection and employee training, educating staff on how to avoid ransomware traps. While these are positive measures that provide a layer of protection, they are not fail-safe, and ultimately the impact of an attack is determined by the company’s ability to recover stolen/encrypted data as quickly as possible to avoid disruption, downtime, and reputational damage. Thus, it is vital that businesses have infrastructure in place to restore business-critical data and maintain continuity of operations when proactive measures fail, quickly and confidently.
George Jon’s expert team of information security engineers, with 15+ years of real-world experience, prioritizes backup and disaster recovery solutions ahead of application plans. Simply put, we ensure that every organization has a recovery time that exceeds expectations and guarantees business continuity. We focus on component-specific backup solutions, including SQL environments, general server infrastructures, and application-specific components.
If you found this information helpful and would like to tap into George Jon’s wealth of knowledge and experience, please contact us for a consultation. Our Subject Matter Experts (SMEs) are standing by, and we welcome the opportunity to optimize your environment’s security capabilities and performance.
George Jon (GJ) is an eDiscovery infrastructure, product and process specialist, delivering performant, scalable, fault tolerant environments for users worldwide. GJ works with global corporations, leading law firms, government agencies, and independent resellers/hosting companies to quickly and strategically implement large-scale eDiscovery platforms, troubleshoot and perfect existing systems, and provide unprecedented 24/7 core services to ensure optimal performance and uptime.
George Jon’s (GJ) conclusions are informed by fifteen-plus years of conducting enterprise-class eDiscovery platform assessments, application implementations and infrastructure benchmark testing for a global client base. GJ has compiled extensive quantitative and qualitative insights from the research and implementation of these real-world environments, from single users to multinational corporations, and is a leading authority on eDiscovery infrastructure.
CHIEF TECHNOLOGY OFFICER (CTO), GEORGE JON
Jordan McQuown is an authority in information technology, cyber security, electronic discovery, and digital forensics. He has written Thought Leadership articles for the American Bar Association’s Cybersecurity Handbook and Information Security Magazine, and he is a regular speaker as a subject matter expert on the eDiscovery security, application and legal conference circuits.