What is Ransomware?

Maybe you haven’t been a victim of ransomware, but you’ve certainly heard of it. Ransomware hacks are in the news daily. According to a recent study published by McAfee Labs, ransomware growth increased by 58 percent for Q2 of 2015. But whether you’re a consumer, business owner, or government entity, the question is not “Will I be a victim of ransomware?” Instead, the question everyone should be asking is “When will I be a victim of a ransomware disaster?” Fortunately, falling victim to a ransomware attack doesn’t have to result in a disaster—if you have a proper backup policy in place.

Ransomware first arrived on the scene in 2005. The first known ransomware strain was Trojan.Gpcoder, which affected Windows operating systems. Although ransomware attacks still use screen pop-ups that notify users of the attack and the amount of money required to unlock a computer, other ransomware attacks are more sophisticated and use “unbreakable encryption.” That usually means if your data is not backed up you will not be seeing it again unless you pay the ransom. And, unfortunately, just because you pay the ransom in return for a decryption key does not guarantee that the key will work and that you will get your data back.

Ransomware can infiltrate and spread throughout your systems in a matter of minutes; all it takes is one wrong click. This type of malware typically enters a network through its weakest link—social media or an email with an infected link or attachment. The bad news is that ransomware is easy to create and deploy. The good news is that you can fight ransomware with a solid backup plan.

Have you ever asked yourself: “What would happen to my business if I lost all of my data?” Having a backup plan in place is not just a sound operational practice, it’s often required by law or regulation. For example, HIPAA requires healthcare organizations to have and test a viable data backup and disaster recovery plan. The same holds true in the financial services industry; both the OCIE and FFIEC have made this a priority in their enforcement and audit practices.

If you do not have a backup plan in place, today is the best day to develop one—and EMC is a great place to start. Mozy and Spanning (both by EMC) offer data protection and data restore no matter where your important files reside. Mozy is an endpoint solution that backs up files on your computers to the EMC cloud. Spanning protects your born-in-the-cloud data for Salesforce, Office 365 (including One Drive), and Google Apps (including Google Drive).

Make no mistake about it—ransomware is a growing threat to all businesses and consumers. In 2014 alone, there were 2,122 confirmed data breaches! Fortunately, there are steps you can take in order to harden security against these types of cyberattacks. First and foremost, businesses must have a legitimate backup plan in place. In addition, we strongly recommend testing your backups periodically to make sure they’re intact and up to par. Equally critical is the ability to restore your data to a specific point in time before the ransomware attack occurred.