As ransomware attacks continue to proliferate, the soft underbelly of IT — how organizations often manage their data in a cavalier manner — is finally being exposed.
Ransomware combines social engineering techniques, malware, and encryption to take an organization’s data hostage. As this scourge continues, digital criminals are getting more sophisticated about selecting their victims. For a while, they focused on hospitals, which have lots of sensitive data they need to be able to readily access. Now it’s become apparent that police departments are also favorite targets for much the same reason.
The Institute for Critical Infrastructure Technology (ICIT) says ransomware represents nothing less than the weaponization of encryption. The problem is that the best defense against ransomware involves implementing best practices surrounding data protection. In theory, organizations that continuously back up and then archive data are only going to have a relatively small amount of risk to their data — assuming, of course, the place where they back up their data isn’t going to be infected by ransomware as well.
Ignoring the value of data protection
But therein lies the rub. The simple fact of the matter is that most organizations don’t appreciate the nuances of backup and archiving. Most of them back up their data intermittently and very rarely test to see if the backup has worked. Even those that do backup data don’t actually archive it after a certain period of time to reduce their costs.
The good news is that data protection technology has advanced by leaps and bounds in the past couple of years. Not only is it possible to more easily store data in a remote location using any number of cloud services, organizations can opt to automate the continuous backing up of their data. They can even have entire replicas of their application environment on standby that can be fired up in minutes just in case there is a disruption.
Unfortunately, many organizations have been betting that the data they put at risk is not worth the cost of using modern data protection techniques. Either because of inertia or some other budget priority, they continue to rely on flawed backup and recovery processes. Of course, digital criminals know this. It’s the primary reason why so many of the ransom demands involve hundreds rather than thousands of dollars. Digital criminals are betting that many organizations would rather pay a few hundred dollars to gain access to encryption keys to recover their data than go to the trouble of implementing sound data protection processes.
Waking up to the dangers
But as the perils of ransomware become better understood, it’s also clear that many more organizations are becoming alarmed at the prospect of being held hostage by digital criminals. It’s not so much the cost of the ransom that troubles them as much as it is the damage that could be done to the reputation of their organization. A hospital or police department that falls victim to ransomware doesn’t inspire much public confidence.
For IT service providers, ransomware creates an opportunity to have a discussion with customers about data protection that they might finally want to hear. It’s not like the technologies to limit the effectiveness of purveyors of ransomware haven’t been around. It’s just that in terms of overall priorities it’s been hard to get organizations to focus on data protection when, at least until now, the true value of that data has generally been significantly under appreciated.