Unless you live in a cave (unlikely, but possible in today’s pandemic-burdened world), you’ve seen the ransomware headlines. Ransomware is another kind of epidemic that has spread like wildfire. SonicWall reported an alarming rise in cyberattacks, with a record 190.4 million ransomware attacks posted in the third quarter of 2021 alone. That brings the year-to-date total to 495.1 million ransomware attacks—a 148 percent increase over last year.
If you’re an IT pro, these statistics are a potent reminder that everyone in your organization needs to do everything they can to keep your systems and data safe. That starts with prevention. Here are three reasons you also need a last line of defense against ransomware.
1. Cybersecurity Technologies Can’t Stop Every Threat
Faced with so many threats, you are already taking steps to add more layers to your first line of defense—your cyber attack prevention efforts. Firewalls, network monitoring, antivirus software, email filters, and other malware and ransomware prevention technologies are valuable and crucial for keeping your data and systems safe. But, as we recently learned with the Log4j vulnerability, some threats are beyond your control. And, in a recent article, MIT Technology Review wrote that cybersecurity defenders had caught a record number of zero-day attacks—cyberattacks that leverage previously unknown vulnerabilities—so far this year. At some point, as with Log4j, hackers will likely find a way around most defenses.
2. Humans Are Human
Your employees are on the front lines in the fight against ransomware. But here’s a statistic that may shock you: employees of nearly 50 percent of businesses have been approached to assist in ransomware attacks. While there isn’t much you can do to stop a disgruntled employee from causing problems from the inside—should one choose to take a hacker up on their offer—you can teach your employees how to recognize potential threats and respond to them. Check out this post for a deeper dive into ways you and your employees can help stop ransomware.
3. Ransomware Prevention Can Fail
Even with state-of-the-art prevention methods, ransomware can still sneak in. According to a recent report, millions of malicious emails are still slipping past security filters. With that many emails landing in inboxes, the odds are that someone in your organization will, at some point, get fooled by a social engineering scheme. And new vulnerabilities are always emerging.
Your Last Line of Defense Matters Most
There are many causes and threats underlying all of these vulnerabilities. And there isn’t any way you can be sure your data and systems are safe. That’s why you need a last line of defense against ransomware and other threats. Start by implementing proper backup and recovery processes with well-defined frequency. We strongly recommend that you follow the new 3-2-1-1 backup rule:
- Keep three copies of your data, one primary and two backups
- Store two copies locally on two formats (network-attached storage (NAS), tape, or local drive)
- Store one copy offsite (in the cloud or secure storage)
- Use immutable storage for one copy
The critical element for ransomware prevention—immutability—is when your data is converted to a write-once, read-many-times format. If you fall victim to a ransomware attack that encrypts your data and corrupts your primary file system, immutable snapshots are immune—they can’t be altered or deleted. So your backups saved on immutable storage are always available for recovery.
Options For Every Infrastructure
StorageCraft, an Arcserve company, has a range of options for protecting your data against ransomware. ShadowXafe next-generation data protection software offers unified, SLA-driven management and tight integration with StorageCraft Cloud Services for true one-click disaster recovery as a service (DRaaS). OneXafe scale-out immutable storage serves as a backup target.