Backups becoming more desirable for Ransomware hackers

With all the ransomware attacks that have occurred, like CryptoWall, WannaCry, Petya, there’s a lot of chatter on the Internet about precautionary measures and solutions. One popular solution that’s being talked about is having a good backup for your data. But can having a good back up keep the ransomware attacks at bay?

Based on our research, we learned that ransomware criminals recognize that organizations with good backups of their production data will yield greater opportunities and payout for them. As such, they are going after backups themselves to prevent companies from recovering their data and to force these companies to pay their ransom demands to get their data back.

These criminals can access your backup software APIs for nefarious purposes and use them to corrupt and/or encrypt existing backup. Basically, any file system that’s attached to an infected machine is vulnerable, as well as attached external hard drives and plugged-in USB sticks.

Having a good backup is a step in the right direction to protect your data, but just because you have a good backup, doesn’t mean you’re 100% protected. You and your organization should not completely depend on the IT Support or network administrator to keep the data safe; rather it’s the responsibility of each of your employees in the organization to be aware of such heinous attacks, be vigilant, and take preventive measures to protect your data.

C3Compliant has a solution, PhishPro, which allows employees to report any suspicious emails that they may receive, with a click of a button, to the PhishPro analyst. Your employees will not have to guess if the email they’ve received is a legitimate email or a phishing email and possibly infect your network. Rather, our analysts will review the email and notify the employee if the email they reported is legitimate and will return the email back to the employee letting them know that it’s safe to open. If the analysts deem the email as a phishing email, the email will not be returned to the employee, and the employee will be notified accordingly. All information shared between PhishPro and the end user is transmitted through encrypted connection. Regardless of what preventive measures you put into place, you should always take the step to educate your employees on how each employee could do their part to prevent the loss of data and ensure they do not become victims of any cyber-attacks.

To learn more about PhishPro, please contact sales@PhishPro.com

 

Reference: https://www.dcig.com/2017/09/ransomware-possesses-three-techniques-turn-good-backups-bad.html