How to recover from ransomeware

Ransomware cyberattacks are everywhere in the news: In Taiwan, major gas stations were unable to process payments. Increasingly targeted during the current pandemic, hospitals and medical facilities have been forced to turn away patients. Banks were unable to make foreign currency conversions. Dozens of city governments have been crippled. Many small businesses have been forced to close.

Hackers have been ruthless with their malicious malware attacks, exploiting users from small business to global enterprise organizations, both private and government.

The Challenges

Just in 2019, ransomware threats increased by 300%—and not only are attacks growing more frequent, but they are much more costly to recover from as well. The total estimated cost of ransomware attacks for 2019 was $11.5 billion, with an average recovery cost of $1.4 million per attack for an individual organization.

A successful cyberattack can bring your operations to a stop, potentially for days, weeks, or even permanently. Without the right plan and solution, data recovery efforts can leave gaps in data, become time-consuming, labor-intensive and costly. And even if you do recover your data, damage to your reputation can be lasting, causing customer attrition or brand avoidance. These costs, along with potential ransom costs, can cripple a business, as noted in a recent Gartner report.

Cybersecurity: The First Line of Defense

As hackers become more sophisticated and attacks to IT systems become more common, the reality is that it’s not a matter of if you will be targeted by a cyberattack, but when. While you won’t be able to stop all attacks, creating a comprehensive cybersecurity and disaster recovery plan is paramount to minimizing your risk.

That was the intention behind the Cybersecurity Framework launched by the U.S. Commerce Department’s National Institute of Standards and Technology (NIST). This flexible framework helps organizations understand the best practices they should use to manage their cybersecurity-related risk, centered on these core functions:

1. Identify
2. Protect
3. Detect
4. Respond
5. Recover

NIST identified these functions because they are “the five primary pillars for a successful and holistic cybersecurity program. They aid organizations in easily expressing their management of cybersecurity risk at a high level and enabling risk management decisions.”

Recovering from Ransomware with Cyber Resilience

Many organizations do a good job with the first four pillars, yet when malware makes it through their defenses they struggle with recovery. But this final step has become more critical than ever before. Having to restore to a day-old or even week-old backup means data loss and increased time and expense in recovery efforts. You can’t afford that kind of a non-resilient solution.

Continuous Data Protection is Key

The key is having a solution that’s always on, with enough granularity to recover to a point in time precisely before the attack occurred, without time gaps. To recover to the exact point before an attack, you must be able to pinpoint exactly when the attack occurred.