Server Virtualization Johor | Enterprise Firewall | Vmware Certified Partner | Hyper-Converged Infrastructure HCI | ITWin
Case Study
Mobile :: Sub Masthead Case Study
 

Recover from
Ransomware Attack

 
Ransomware is a type of cyberattack often used against companies of all sizes. Once the malware that this type of attack uses is downloaded to the victims' device, it seeks out and holds corporate data hostage. It does this by locking you out or encrypting the data so that it is indecipherable. Your organization then must pay a ransom to restore your access – hence the name.

With threat researchers at SonicWall Capture Labs finding that there was 4 billion ransomware attempts globally in 2022, with a 56% year-on-year increase for the APJ region compared to 2021 means that last year was the most costly and dangerous year on record for organisations across the globe.
 
 
But Veeam believes that the best offence is a good defense, and their 2021 Ransomware Retrospective report has the data to back this up.

The study, designed to understand the impact of ransomware on the global IT community and its customers, found that an impressive 92% of Veeam customers didn’t have to pay any ransom to restore their data.

And recovering from a ransomware attack cost 85% of Veeam customers polled less than US$25,000 overall. With measurable data like this, it just goes to show how valuable having an effective backup process is. Having secure, timely and reliable backups for your corporate data is crucial, but it’s only part of an effective Ransomware Recovery Plan.
Read on to find our
7 steps to recovering from a
ransomware attack.
 
  What Are the 7 Steps?
 
Step
 
01
 

Have a Comprehensive
Cybersecurity Incident
Response Plan (CIRP) in
Place

While the hope is always that you will never have to deal with a cyber-attack of any kind, an attack takes place every 39 seconds. And so, while it may seem like an odd thing to have in a ransomware recovery plan, your first step should be ensuring you have a detailed cybersecurity strategy that is comprised of three main layers.

The first, of course, is protecting yourself from an attack in the first place. The second layer is a comprehensive Cybersecurity Incident Response Plan – a strategy that lays out exactly what your staff should do when an attack is in progress. The main goal with your CIRP is to mitigate the damage that a cyberattack can cause as well as help begin your recovery process.

This recovery phase is the third layer of your cybersecurity strategy and arguably the most important in terms of the actual cost of an attack. The reason is the longer it takes to restore your data and get your systems back online, the more it impacts your bottom line.
 
 
Step
 
02
 

Implement Backup Plans
for All Your Corporate Data

With digital workspaces and a remote workforce becoming the norm for the modern workplace, many companies have made the switch to using the powerful services offered by Microsoft Office 365. But while Microsoft has resilience at the heart of these tools, something they don’t offer is a comprehensive backup solution.

And yet many overlook this shortfall, with 81% of IT professionals saying that they experienced data loss in Office 365. When you consider that companies are storing as much as 60% of their sensitive data in cloud-based Office documents – 75% of which isn’t currently backed up – that is a worrying statistic. And so, your second step should be deploying solutions like Backup for Microsoft 365 across your organization.
 
 
Step
 
03
 

Employ the 3-2-1 Data
Backup Rule

The 3-2-1 rule is nothing new. In fact, Veeam have been advocating the concept since their very first days in business. And while IT professionals, and anyone tasked with keeping corporate data safe, have been using the principle since the beginning of time – we can thank photographer Peter Krogh for the phrase.

The 3-2-1 rule isn’t complicated and simply states that you should have three (3) copies of data stored on two (2) different types of media and one (1) copy should be off-site. Now while the most critical data sets of today often have 4 or even 5 backup copies in place, the basic rule is your best starting point.
 
 
Rule 1
Copy should be off-site
 
 
Rule 2
Different types of media
 
 
Rule 3
Copies of data stored
 
Step
 
04
 

Be Ready to Report any
Cyberattack Incidents

When a cyberattack occurs, the first instinct of many organisations tends to be to investigate, learn what occurred, and close the security loophole. However, countries and international organisations like Interpol are increasingly encouraging – or even regulating – the disclosure of cyberattacks.

This step is necessary to protect companies and consumers as well as to ensure judicial resources can be bought in to assist organisations that may not have the capacity to do so, as well as to seek prosecution of cybercriminals where possible.
 
 
Step
 
05
 

Protect Your Workloads
and Processes with DRaaS
Solutions

With cyberattacks being as prevalent as they are, having an effective Disaster Recovery solution in place is an essential part of any cybersecurity strategy. This used to mean having an offsite facility where your data was backed up on expensive storage gear, but Disaster Recovery as a Service (DRaaS) solutions have changed the game for businesses of all shapes and sizes.

DRaaS solutions like Veeam® Backup & Replication™ use a cloud-based data protection approach where your organisation's physical services and/or virtual machines (VMs) are replicated, stored and hosted using public or private cloud resources. This essentially means that you will instantly be able to recover files, NAS shares, entire VMs, databases and more.
 
DRaaS
Solutions
 
  Veeam
 
  Backup
 
  Replication
 
Step
 
06
 

Undertake Security
Awareness Training for
Your Employees

Your employees are the weakest link in your cybersecurity strategy.

And despite 90% of organisations claiming that their employees have undergone phishing awareness training, according to Verizon’s 2022 Data Breaches Investigations Report, 82% of data breaches involved the human element.

And many successful cyberattacks on organisations start with phishing emails.
 
 
Step
 
07
 

Test Your Ransomware
Recovery Plan

Many ideas and plans are great on paper but tend to fall apart when it comes to execution. Nowhere is this more true than with cybersecurity. Business is evolving every day, and the cyber threat landscape is evolving right along with it.

If you’re not testing your entire cybersecurity strategy regularly, including your ransomware recovery plan, you will never know if there are interdependencies, gaps and areas that need improvement.

Cyberattacks can take any number of forms, and your ransomware recovery plan needs to be agile enough to respond to whatever that may be.
 
 
Take the Next Step in
Your Business Continuity Plan
 
If you want to discuss how prepared your organization is for a ransomware attack and explore whether a Veeam cloud data protection solution is the right fit for your organization, then book a meeting with us today.
 
Our solution experts will answer any questions you may have and help identify where your Ransomware Recovery Plan may fall short.
 
Contact Details  
 
call +607-266 2969
phone_iphone +6011-5556 2969 WhatsApp Us
print +607-266 2968
mail info@itwin.asia
 
Our Location  
 
No.18 (PLO 184),
Jalan Angkasa Mas 6,
Kawasan Perindustrian Tebrau II,
81100 Johor Bahru, Johor, Malaysia.
  ITWin Technology Sdn. Bhd.  
Server Virtualization Johor | Enterprise Firewall | Vmware Certified Partner | Hyper-Converged Infrastructure HCI | ITWin