What’s the best way to combat a ransomware threat? The secret is to be proactive, and maybe extra paranoid. I’ll bet the guy who decided to set this organization’s backup policy was ridiculed ceaselessly… until one day, when he became the hero.
The Nebraska Irrigation District was hit with ransomware. But they fared incredibly well, which shows that you can defend against ransomware, even if you can’t prevent it from infecting your computers. The secret is not only have have a backup program that saves all the data on all your machines, but to do it automatically, and very frequently.
The automatic backups in this organization run every 15 minutes. So, almost no data was lost. And don’t forget, if you have recent backups, not only can you get your data back easily, you don’t have to pay the ransom!
Give that IT guy a raise (maybe a percentage of the ransomware demand).
I have only one concern about this general message… don’t forget that if the attacker can infect your system, it can certainly steal your data. So, don’t be too quick to rely only on recovery safeguards. You still want to prevent the attacks from being successful, as much as possible. So, people need to learn to spot suspicious emails and other situations that could lead to any kind of infections.
Here’s the story from SC Magazine.