It made the news this month when Hollywood Presbyterian Hospital was attacked by ransomware. This type of malware invades a network and encrypts every file it can grab, holding it hostage for a requested ransom payout — in the case of Hollywood Presbyterian, in the neighborhood of $3.5 million in bitcoin currency.
While ransomware attacks have been around for a while, this attack upped the ante from the typical hits on individuals and public-nuisance attacks on local government services — including a suburban Boston-area police department, which, last spring, forked over $500 to get its data back.
Because medical record access can be a matter of life and death, the Hollywood Presbyterian attack represents a new level of ‘mal’ in which the classic threat, ‘Your money or your life!’ can literally be taken at face value.
Kidnapping has always been a bold crime that catches the public eye, from the tragic Lindbergh baby case to cartoon memes of nefarious evildoers throwing burlap sacks over their victim’s heads. In every instance, the target of kidnapping has two common attributes: high value and vulnerability.
Which is why, in this information-driven era, the hostage-taking is targeting business data. You plan your data protection and disaster recovery strategy to mitigate risk by avoiding vulnerabilities. More and more, businesses are rethinking their strategies, implementing backups with appropriate recovery point objectives (RPOs) and recovery time objectives (RPOs) for their various applications and data. This brief tip sheet provides a great overview of the factors to consider when determining recovery objectives.
But some vulnerabilities are harder to fix. There is, for instance, human nature: Even people who know that Bill Gates isn’t going to give them $5,000 for sharing a Facebook post and that the guy who wants you to wire him money is a thief rather than a Nigerian prince, can fall for these phishing schemes.
Click on an innocent-looking attachment that’s supposedly an invoice — or even an image file in an IM chat — and you could be launching disaster.
Which is why you need to give your disaster recovery plan a particularly close look. Determining recovery objectives is just phase one of implementing a good disaster recovery plan. Phase two is in the implementation of modern data protection: choosing tools and solutions that truly protect against anything that could ‘possibly go wrong.’
Are you backing up your data? Good for you; but it’s not necessarily enough to protect against a ransomware attack. Because, here’s the kicker: Once an unsuspecting user opens the Trojan Horse, ransomware will propagate to any connected system and drive, encrypting and locking your vital data — taking it hostage.
What works, then? With modern image-based, incremental-forever snapshot backups, you can easily restore your systems to a set of recovery points prior to the malware infection.
Routinely get your data offsite, so that ransomware can’t run through your network on a virtual crime spree. One approach is bare-metal restore or file-level restore from cloud-based archive.
Hollywood Presbyterian Hospital settled with their crooks by paying a reported $17,000 worth of bitcoins. And, reportedly, no one’s health suffered as a result of the breach. (Except, possibly, the blood pressure of the IT staff and management dealing with the crisis.) Chances are, whatever a ransomware breach would cost your organization would cost more than the planning, licensing and implementation of a reliable, full-featured, and flexible data protection solution for your systems, applications, and data.