Ransomware: Background and Mitigation

Ransomware, a relatively recent threat to organizations, is a type of malware that infects a user’s machine and encrypts the data on it, holding it for ransom until the victim pays the attacker in cryptocurrency. The first major ransomware outbreak occurred in 2017 with WannaCry. WannaCry was an early ransomware that infected Windows computers using a vulnerability that had already been uncovered and patched 2 months earlier. Due to poor update policies, many organizations had not kept their operating systems up to date, which meant they were still vulnerable to it. Eventually this particular attack was stopped thanks to a researcher who discovered that WannaCry would fail to run if it couldn’t connect to a particular IP address. With that address registered on the internet, WannaCry was unable to infect any more computers. While this prevented future attacks with WannaCry, the damage was already done.

After this type of malware was shown to be effective, the internet was flooded with many more types of ransomware. Due to this influx of attacks, it is now more important than ever for companies to secure their data from being taken hostage. There are several tools and products that can be leveraged to protect that data, such as Actifio and Rubrik. Actifio offers a cloud-based application, in addition to a local solution, that replicates your data and provides an easy way to back up and switch over to saved copies in the event of an attack. These copies are immutable: they cannot be overwritten by anyone. Once loaded, they are kept in a sandbox environment, meaning any changes made to the loaded version are not written back to the original copy. Actifio GO, their cloud option, supports several hosting solutions, including Google Cloud.

Rubrik is another option for securing data. In addition to a cloud solution, Rubrik offers a physical appliance installed locally on premises. Rather than letting data sit in the cloud, Rubrik’s appliance provides an on-premises backup that the data can be switched over to in the event of an attack. While a physical device is not going to offer the scalability of the cloud, a company may not be comfortable putting certain data in the cloud, and may want to keep that data backed up locally.

Whatever the case, there are plenty of ways to mitigate a ransomware attack. Even though older versions of this malware have been effectively stopped, ransomware will continue to cause problems for organizations. As both a Google and Rubrik partner, Aptimized can deploy and support a backup solution, whether it is for disaster recovery or ransomware mitigation. Are you at risk? Call us for a zero-cost assessment.

