Does your current cloud backup keep you safe from ransomware? At least two companies over the last few days found out their cloud backup didn’t protect them. You can read about it here. It’s important to know. Please, don’t find this out the hard way.
You’ve all probably read about ransomware. It’s a type of malware which will encrypt your data until you pay some cyber-criminal a ransom. The ransom is paid in bitcoin and is essentially untraceable in terms of who receives it.
When you pay the ransom, at least in theory, a key is sent to you that allows you to decrypt your data. We say, in theory, because these are criminals in a digital for organized crime. They are running a business. That business has become a billion-dollar or more industry. We don’t know, we assume that these criminals know that they need to give your data back or soon no one will pay the ransom.
The way to defeat ransomware is to have a backup. When they attack, you wipe or replace the machine and restore the data to the new, malware-free machine. That’s not so easily done in the current “work from home” world, but that’s what has to happen.
But as employees have moved to “work from home” more and more companies are depending on a local backup or a cloud backup. A local backup is a problem. Most ransomware will also reach into any drive storage connected to the infected machine and if that happens your backup is essential already gone. Never mind the fact that home backup hardware is notoriously unreliable. As our head of our operations likes to say, “it works – until it doesn’t.”
Recognizing this, many companies have, or are engaging a cloud backup. But if the cloud backup is essentially a file share, there’s nothing that stops the ransomware from leaping onto that backup and encrypting it. In that case, your backup is worthless.
This is exactly what has happened to those two companies and who knows how many more. If you want to read the story of a law firm that had its machines and cloud backup encrypted, check out Howard Solomon’s story in IT World Canada. Howard is one of the most respected security reporters in North America. His podcast, “Cyber Security Today” has millions of downloads. His stories are followed. So we’re very sure he’s got his facts right.
Not all cloud backup systems are the same
Our job is to ensure that we find the right solutions for our clients. That’s why we picked Datto to provide our customer cloud backup. We chose them for a number of reasons. One reason is their approach to ransomware protection in the backups for our clients.
In short, Datto uses a well-established file protocol used by a number of companies called ZFS (Zettabyte File System). But they also have their own proprietary file transfer system from your device to the cloud backup. This protects the transit from your machine to the cloud and when it is written to the cloud backup. When the files are stored in their incremental “snapshot” format, they cannot be altered, and they are not linked in any way that would allow ransomware to infect a prior backup.
So if you have our SaaS Cloud Backup of Office 365 or G-Suite and you get hit by ransomware, here’s what happens. We’ll normally get a warning, but you’ll probably know right away. Ransomware is quite obvious. If this happens, we can help you restore to a prior backup. Actually, it’s so easy you could do it. If it was just an accidental file deletion, you probably might. But if ransomware is involved, you may want some help. We understand.
Or if someone is working from home and their Windows machine is infected, you have an equally simple recovery. With our Cloud Protection, we’d be able to spin up a virtual machine in the cloud. That’s really important, especially since your employees are probably working from home. It may take days or more to ship them a new machine with their files restored. A virtual machine and a browser will get them up and running in no time.
It’s the same for our server backups if you are using them. Combined with our Remote Access Service, we help you safely recover and get your employees back to work rapidly – without compromising the health or safety of your IT staff.
Please check – before it’s too late!
Yes, we want to sell you our services. That’s how we stay in business and provide good Canadian service jobs. We’re proud of that. We work hard for our clients and we’re proud of that too.
But that’s not why you are getting this message. When this story broke, we felt we had to let our clients and prospective clients know so they can check with your existing provider and make sure that your cloud backup cannot be encrypted by ransomware.
We’re paranoid about security and backups. We’re one of the few companies we know that test client backups regularly. We do it because we know that no matter how good the system, something can always go wrong. But there is no reason for you to have ransomware threaten your company in the way this article described.
Being in this industry we’ve seen companies from small businesses to multi-million-dollar success stories taken to the brink by ransomware. The new variants keep getting better and better. We know that the average Canadian company gets attacked hundreds of times a year. 87% of Canadian organizations suffer at least one successful breach of their defences each year. At some point, one of these may be ransomware. Please don’t let it happen to you.
Buy from anyone you like, but please, check to see that you have the right protection. If you have any questions, call us. If you are a skeptic, we’ll have a technician show you how this works.
If you call us, we’ll tell you what we know about this, or any other security or IT issue. Where we can, we’ll try to answer your questions.
Stay safe – personally and in terms of cybersecurity.
From the team at Performance Advantage
You can reach us at 411@PerformanceAdvantage.ca
or in a cybersecurity emergency 911@PerformanceAdvantage.ca
PS. We’ve also included a link to our Business Guide to Security – a primer on cybersecurity written with a businessperson in mind.