Can Cloud Based Backup and Recovery Provide Ransomware Protection?

JUN 18, 2018

Ransomware is quickly becoming one of the most damaging forms of malware in recent memory. Imagine your file system encrypted and held for ransom, with no guarantee that paying the ransom will provide the necessary means to decrypt and restore the files. You are, after all, dealing with criminals.

The question remains, how do you best protect against Ransomware attacks? Making sure your organization has a recent backup of your files is one of the preferred ways to defend against any attack that makes it through traditional security defenses. What is beginning to challenge the security industry is the arrival of insidious forms of ransomware that also target backups by lying in wait for the backup cycle to begin before it strikes. The increased sophistication of malware attacks coupled with the true possibility that you will never actually gain access to the compromised data is driving businesses to identify the best way to secure their data.

Can cloud based backups protect against this?

Advantages of Cloud Based Backup and Recovery

  • Most cloud base backup solutions have versioning capabilities, effectively allowing the rollback of Ransomware encrypted files to the pre-encrypted version.
  • Many cloud based backup and recovery solutions include data protection that looks for Ransomware activity and shuts it down automatically (massive amount of writes and renames of file extensions)
  • Many cloud based backup and recovery solutions are not linked to the users profile and don’t show up as another drive or shared folder – which are often targeted by Ransomware.

Disadvantages of Cloud Based Backup and Recovery

  • Many cloud backup and recovery solutions sync local data to the cloud on edit. This means that a Ransomware outbreak on the local filesystem is automatically synced to the cloud version.
  • Not all cloud backup and recovery solutions offer mass data recovery. This means that you might be stuck rolling back each individual file to a previous state manually.
  • Data protection laws are a real concern and businesses must read the terms and conditions of a cloud based solution carefully to ensure their obligations under data protection laws are not compromised before committing to the service.

Conclusion

Fundamentally, the best protection against Ransomware is preventing the infection in the first place. Organizations need to double down on protecting common entry points that Ransomware often uses like websites and email. Ransomware is unable to do any damage if it is detonated in a secure environment before it gets to the user’s endpoint. Isolation technology continues to be the best defense against Ransomware. If Ransomware does get through, having a good, up to date backup is essential. A good cloud-based backup and recovery solution will offer forms of data protection to quickly identify and stop Ransomware before it causes damage. In the end, prevention is the best medicine when it comes to Ransomware and cloud based backups typically offer all the needed capabilities to combat the malware.

Brad Bussie
Brad Bussie

Brad Bussie is an award winning fifteen year veteran of the information security industry. He holds an undergraduate degree in information systems security and an MBA in technology management. Brad possesses premier certifications from multiple vendors, including the CISSP from ISC2. He has a deep background architecting solutions for identity management, governance, recovery, migration, audit, and compliance. Brad has spoken at industry events around the globe and has helped commercial, federal, intelligence, and DoD customers solve complex security issues.

Leave a Reply

Your email address will not be published. Required fields are marked *