Fight the enemy where they aren’t: why DR is vital to countering ransomware threats.

Suffering a ransomware attack is a costly proposition for every modern organization. There are various cyber-security threats that companies must counter on a daily basis, from phishing and denial-of-service attacks to zero-day exploits and simple human error. But of all the threats lurking in today’s digital world, ransomware is by far the most menacing, a profitable “mechanism of chaos” for hackers and cybercriminals.

A perfect example of the destructive and pervasive nature of ransomware attacks occurred in May 2017. In just one day, the infamous WannaCry attacks infected more than 230,000 computers in 150+ countries. In the aftermath, even though organizations quickly employed reactive countermeasures such as decryptors, the threat persisted and still shows no signs of diminishing, especially for small and medium-sized businesses (SMBs), who are perfect targets due to:

  • Single, flat environments. When using plug-and-play equipment and default settings, malefactors can easily penetrate predictable setups.
  • Insufficient security protocols. Every organization should have a set of documented, unique security rules and procedures based upon application needs and industry compliance requirements.
  • Budgetary constraints. While neither glamorous nor revenue-generating, assessing network vulnerabilities and budgeting for adequate security measures is vital to maintaining mission-critical data systems.
  • Lack of knowledgeable internal IT staff with security expertise. Most small businesses have a bare-bones IT department whose knowledge is limited to their background and experience level. Outsourcing security programs to a team of experienced engineers, skilled in every aspect of network development (SQL, networking, security, etc.), yields effective systems and peace of mind.

Big bucks at risk
It is readily apparent that companies must proactively move to minimize risks. But which risks should you address? With the threat of ransomware attacks persisting and financial/prestige implications consistently rising, many organizations choose to spend budget allocations on cybersecurity software for protection. Certainly, you want to build a digital shield to protect your systems; however, it is crucial to note that it is virtually impossible to stop every attack, especially for large businesses with complex infrastructures and ever-changing employee pools.

We recommend to clients that, rather than putting all their faith (and money) into preventative measures, they also focus on resiliency and recovery systems for quick and accurate rebounds in the event of an attack. The key questions that CIOs/CSOs/CTOs must ask themselves:  

  • Have we recognized the need for HA/DR systems?
  • Do we have an emergency plan in place for when systems are compromised?
  • Do we have adequate backup systems that ensure data fidelity? 
  • What do we consider acceptable recovery times for restoring data after a breach?

The need for speed
Despite the obvious threats to corporate data that we see in the news on a weekly basis, internal research conducted by George Jon discovered that 56% of organizations do not have a disaster recovery plan in place should they fall victim to a cyber-attack. In addition, only one in four (26%) IT decision-makers feel extremely confident in their organization’s ability to recover data in time to avoid business disruption. These figures illustrate how unprepared most large businesses are for dealing with threats to data systems.

Traditional security efforts concentrate on endpoint protection and employee training, educating staff on how to avoid ransomware traps. While these are positive measures that provide a layer of protection, they are not fail-safe, and ultimately the impact of an attack is determined by the company’s ability to recover stolen/encrypted data as quickly as possible to avoid disruption, downtime, and reputational damage. Thus, it is vital that businesses have infrastructure in place to restore business-critical data and maintain continuity of operations when proactive measures fail, quickly and confidently.

George Jon’s expert team of information security engineers, with 15+ years of real-world experience, prioritizes backup and disaster recovery solutions ahead of application plans. Simply put, we ensure that every organization has a recovery time that exceeds expectations and guarantees business continuity. We focus on component-specific backup solutions, including SQL environments, general server infrastructures, and application-specific components.

Learn more!
If you found this information helpful and would like to tap into George Jon’s wealth of knowledge and experience, please contact us for a consultation. Our Subject Matter Experts (SMEs) are standing by, and we welcome the opportunity to optimize your environment’s security capabilities and performance.

About the Author
Ali Zeidan
Internal IT Manager & SMB Lead

Ali boasts a decade of experience supporting the information technology needs of small and medium-sized business. He spends most of his waking hours assessing and improving client infrastructure resiliency, countering threats to revenue generation and operational continuity.

Ali is passionate about supporting GJ’s client environments and welcomes the challenges inherent to the ideation and implementation of leading technology strategies. His efforts ensure that clients can meet and exceed ever-changing business requirements and satisfy key stakeholder management teams.

Ali holds a Bachelor’s degree in Computer Science from the University of Illinois at Chicago (UIC) and is a Microsoft-Certified Solutions Associate (MCSA).