Date: May 15, 2017
Author: 11:11 Systems
Editor’s Note: As of January 2022, iland is now 11:11 Systems, a managed infrastructure solutions provider at the forefront of cloud, connectivity, and security. As a legacy iland.com blog post, this article likely contains information that is no longer relevant. For the most up-to-date product information and resources, or if you have further questions, please refer to the 11:11 Systems Success Center or contact us directly.
Well, if you are one of the businesses that hasn’t yet taken action to protect your IT systems against ransomware attacks, last Friday was your wake-up call. Hundreds of companies across many countries – including most alarmingly the NHS in England – were hit by the “WannaCry” ransomware virus. IT teams who have until now taken the attitude of “it couldn’t happen here” now need to sit up and take notice.
Like many others, we read with increasing alarm the impact of the ransomware virus as it unfolded on Friday and over the weekend. Most concerning and upsetting was the fact that people’s health and lives were being put at risk by NHS patient data files and medical systems being encrypted, highlighting in no uncertain terms the huge cyber-security challenge faced by the healthcare industry. But companies in all industries should see this in the context of the financial risk they face in the now highly likely event of a ransomware attack. How much would you be prepared to pay to unlock mission-critical files that could stop you from doing business for days or weeks?
We were most struck by advice given in the UK Financial Times this morning:
“The best way to protect against ransomware is to back up your data frequently so that you can go back to a recent archive in the event of an attack.”
It sounds so simple and yet so many companies, both large and small, do not have invaluable backup and disaster recovery processes in place that can help avoid the need to fork out huge sums in the event of a ransomware attack. Just recently, 11:11 Systems has had customers who have successfully recovered from ransomware attacks using the built-in seven day backups available on our secure cloud hosting solution.
Here are three ways our customers are using secure cloud hosting, cloud backup and Disaster Recovery as a Service (DRaaS) to both protect against and remediate from ransomware attacks.
Cloud Security: Advanced cloud security features are essential in the war against ransomware to protect both hosted production workloads and replicated DR workloads in the cloud. In the case of the WannaCry virus, many IT systems were impacted because of a vulnerability in unsupported versions of the Windows XP operating systems. Constant scanning and identification of vulnerabilities are provided by the 11:11 Cloud which, along with reporting and alerting, enables customers to patch these vulnerabilities before a ransomware virus has the opportunity to infiltrate files. Vulnerability scanning as well as encryption, intrusion detection and prevention, integrity monitoring and log inspection are essential to both cloud and on-premises IT systems. In fact, many 11:11 customers are able to identify system vulnerabilities and risks during DR testing that they had not identified with on-premises security tools, enabling them to address these before being targeted by a cyber-attack.
Cloud Backup: Most IT pros reading this will have a data backup strategy in place – but how many have data backed up in an off-premises location or the security of knowing that data can be restored from a ‘clean’ VM in the cloud in just seconds? 11:11 has built-in, seven day backups on our Infrastructure-as-a-Service (IaaS) offering which can be extended to 30 and 90 day backups. Many customers, realising the need to have a remote, secure location for backups, are also leveraging our Secure Cloud Backup with Veeam solution which stores an up-to-date copy or secondary copy of virtualized applications in 11:11’s cloud, restoring files and virtual disks back to the local environment as needed.
Disaster Recovery: The combination of aggressive RTOs and RPOs as well as journaling makes DRaaS a very effective weapon in the battle against ransomware. Our DRaaS customers are able to failover production to the 11:11 Cloud in the event of a ransomware attack and restore production systems within minutes or even seconds. Journaling with the 11:11 DRaaS for Zerto solution whereby a running list of storage “writes” are kept in a special log file called a journal enables granular restoration of virtual machines from specific points in time to enable you to failover to a point in time before the ransomware attack. I’m sure many IT managers who were victims of the ransomware virus this past weekend would have loved to have had this capability available to them.
Many businesses have now had their ransomware wakeup call. The good news is that there are ways to protect and remediate ransomware, and now is definitely the time to take action. Contact 11:11 Systems to find out how to protect your business from the unfortunately inevitable ransomware attacks that will come in the future.