Tag Archive for: Recovery

One simple way to cut ransomware recovery costs in half

/in


ttps://securityintelligence.com/articles/one-simple-way-to-cut-ransomware-recovery-costs-in-half-2/”http://www.w3.org/TR/REC-html40/loose.dtd”>

Whichever way you look at the data, it is considerably cheaper to use backups to recover from a ransomware attack than to pay the ransom. The median recovery cost for those that use backups is half the cost incurred by those that paid the ransom, according to a recent study. Similarly, the mean recovery cost is almost $1 million lower for those that used backups. Despite this fact, the use of backups is actually falling.

This was one of the most prominent findings in the recent Sophos State of Ransomware survey. Let’s take a closer look at the report’s conclusions.

The state of ransomware

Sophos recently published an independent, vendor-agnostic report about the impact of ransomware worldwide. The survey included 3,000 IT and cybersecurity leaders in organizations with between 100 and 5,000 employees across 14 countries in the Americas, EMEA and Asia Pacific. The study was conducted between January and March 2023, and the participants responded based on their experiences over the past year.

According to the report, the rate of attacks stayed constant, with 66% of respondents reporting that they were hit by ransomware during the last year. In 2022, respondents reported the exact same percentage. While this might be a good sign, it’s notable that in 2021 the rate was only 37%.

Does size matter?

The Sophos study revealed a distinct correlation between annual revenue and the chances of being a victim of ransomware. For companies with revenue of $10 to $50 million, 56% experienced a ransomware attack in the last year. Meanwhile, 72% of those with revenue of $5 billion or more were victims of ransomware.

Surprisingly, there was no strong relationship between ransomware attacks and company headcount. The rate of ransomware attacks was consistent, with 62-63% of companies of all sizes experiencing ransomware incidents. The only exception was that companies with 1,001 to 3,000 employees had a 73% rate. One might think that larger workforces would lead to more attacks as the attack surface is larger, but this study did not find that to be the…

Source…

Malware Attack Can Lead To Data Loss | by PITS Global Data Recovery Services | Aug, 2023

/in


Photo by Ed Hardie on Unsplash

With the rise of technology and interconnectivity, the threat of data loss has also grown significantly. One of the most dangerous culprits responsible for data loss is malware. In this blog, we will explain the world of malware, its potential consequences, and the measures you can take to safeguard your data.

Malware, short for “malicious software,” refers to a broad category of software programs designed with malicious intent. Malware is created to gain unauthorized access to systems, steal sensitive information, disrupt computer operations, or cause harm in various ways. Malware can take many forms, including viruses, worms, Trojans, ransomware, spyware, and adware.

  1. Data Theft: One of the primary objectives of malware attacks is to steal valuable data. Cybercriminals may target personal information like login credentials, credit card details, and social security numbers. In the case of businesses, sensitive customer data, intellectual property, and financial records are often the primary targets. Once in the hands of malicious actors, this data can be sold on the dark web, used for identity theft, or leveraged for extortion.
  2. Ransomware: Ransomware is a type of malware that encrypts a victim’s data, making it inaccessible until a ransom is paid. Falling prey to a ransomware attack can lead to significant data loss, as organizations might lose access to their critical files and databases. Even if the ransom is paid, there is no guarantee that the attackers will decrypt the data, leaving victims in a devastating situation.
  3. Data Destruction: Some malware is designed explicitly to cause data destruction. These destructive malware types can wipe out entire data systems, rendering them unusable and causing severe data loss. Such attacks can lead to costly downtime, loss of productivity, and reputational damage.
  4. Disruption of Backups: Backups are essential for data recovery in the event of a data loss event. However, advanced malware can infect backup systems, compromising the ability to restore data effectively. If backups are not securely isolated from the network, they may also be subject to the same vulnerabilities as primary data storage.
Photo by

Source…

Rubrik Debuts $10 Million Ransomware Recovery Warranty in India

/in


First in the industry to offer a ransomware recovery warranty of its kind for qualified customers, Rubrik, the Zero Trust Data Security Company, announced today in India its $10 million Ransomware Recovery Warranty. The company is doubling down on its commitment to customers and their business resilience, to provide confidence that with Rubrik, they can rapidly recover and restore business-critical operations if faced with a ransomware attack.

“With the ever-growing sophistication of cybercrime, reducing the risk of a ransomware attack to zero has become a harrowing task. This ongoing evolution demands organizations to stay vigilant and ready for the inevitable instance of a cyber attack,” said Bipul Sinha, Co-Founder & CEO, Rubrik. “Bringing our Ransomware Recovery Warranty to India is an imperative step towards reinforcing trust and demonstrating unwavering global support to our customers in the battle against cyber threats.”

Ransomware attacks have grown into an estimated $8.4T industry globally, becoming one of the greatest threats to our economy. According to the Rubrik Zero Labs State of Data Security report, surveying over 1,600 IT and security leaders, more than half of the respondents’ organizations were impacted by a ransomware attack in the last year. In India, 26% of respondents reported their organizations experienced over 100 attempted cyber attacks within the last year alone and 51% of companies suffered a loss of customers as a result of a cyber attack. As our reliance on data-heavy technology continues to expand, the susceptibility of this data to cybercrime grows in tandem. It’s crucial that organizations pivot from trying to completely mitigate the risk of a cyber attack to focusing on minimizing the impact.

“Protecting against ransomware attacks is a top priority for organizations today,” said Sendil Kumar, Chief Technology Officer at Shriram Capital Ltd. “Rubrik’s Ransomware Recovery Warranty stands out in the cybersecurity industry as it underscores the confidence they have in their data security solutions and their ability to recover customer data after a…

Source…

Op-Ed: Shaving time and complexity off ransomware recovery

/in


We often hear when Australian businesses are ransomwared, but what happens next? The incident response, forensic investigation, and system recovery processes are often never revealed or told.

There are likely multiple reasons why this is the case. One is that recovery from these incidents is often gruelling, with one in four teams needing a month or more to get back to business as usual.

Around-the-clock efforts to get back online are often part and parcel of the post-incident period. It’s an experience security teams are likely to be in no hurry to retell or relive.

It is worth examining why recovery from a ransomware attack takes so long, and in particular, whether architectural changes and/or additional tooling at an infrastructure level might help businesses to get back on their feet faster.

From a local data storage perspective, many businesses have similar infrastructure set-ups, where production servers talk to primary storage, and that data is replicated elsewhere for backup purposes. The backups may be point-in-time snapshots or it may be that data is actively replicated and synchronised between two sites that operate in an active-active configuration.

From a backup perspective, the most important thing is to have an immutable copy with data retention of that copy of the primary storage environment set for a specified period of time such that it cannot be deleted. This is the secure copy of data the business can restore from in the event of a cyber attack. For added safety, it’s also important to put some sort of air gap between the backup and the primary storage environment.

Immutability is an important principle to consider when looking at the cyber resiliency of data infrastructure. The idea is to take a volume of data and make it immutable in such a way that if the business is hit by ransomware, that data cannot be altered by anyone, under any circumstances.

Air gapping is another important security principle. An air gap can be logical or physical; in a traditional infrastructure set-up, point-in-time backups may be stored on tape, which acts as a physical air gap to the primary storage environment. However, tape has its own challenges, and it may be that a…

Source…