If you think ransomware couldn’t get any sneakier, you’re wrong.
One of the major trends with ever-evolving malicious software is having it infiltrate an organization’s data backups. The ransomware lies low in your network until data needs to be recovered back into production, and then it detonates. It’s a highly dangerous situation for organizations, because contaminated files used to restore data only perpetuate the attack cycle.
A ransomware backup protection strategy must include best practices to ensure recovered data is free from infection. To this end, vendors are starting to add ransomware-specific features — such as using machine learning technology and predictive analytics to detect suspicious behavior — to their backup products. But backup admins need to put comprehensive backup and data protection procedures in place to provide their backup platforms with optimum protection.
Some organizations believe that if they have data backed up, they have ransomware backup protection in place, but that’s not the case. This handbook discusses how ransomware can infiltrate data backups, what organizations can do to best prepare for this new problem and general guidelines for better backup practices.