Backups are the best tools for countering ransomware

Select an option below to continue reading this premium story.

Already a Honolulu Star-Advertiser subscriber? Log in now to continue reading.

Get unlimited access

From as low as $12.95 /mo.

Subscribe Now

Last week’s global ransomware outbreak signaled that this is a trend that is sure to continue. With all the press ransomware has received in the past, one would think it would be easier to control. The fact of the matter, however, is that ransomware is here to stay, and the only remedy is to be prepared for an attack.

Why can’t we stop it? Much like its older cousins viruses and malware, ransomware gets onto our machines by exploiting human weaknesses. Even the most seasoned IT professionals have accidentally triggered viruses or malware by clicking on bogus links or opening the wrong attachment. Ransomware most often enters the same way.

Further, while there are many reputable companies engaged in ransomware prevention, it is simply not possible to stay ahead of the bad guys. Sure, current anti-virus/malware/ransomware packages can prevent attacks similar to those by past intruders, but new attacks are devised daily. The current state of the anti-virus/malware/ransomware market simply can’t prevent an attack until some poor soul has been victimized.

So how does one prepare for a ransomware attack? By ensuring proper and regular backups are taken. The way most ransomware works, however, is that it encrypts data on all drives that it can see. So care must be taken to use backups on devices that ransomware can’t see. This can be tricky but is achievable.

A simple solution for a single PC might just be to plug in a USB drive, take the backup and unplug the drive. Of course, this is not a tenable solution for multiple PCs in an office environment. Network drives can be used for backup, but many ransomware attacks encrypt data on network drives as well.

A popular solution nowadays is to use cloud-based services to back up your data. Again, care must be taken in the configuration of such services to ensure that ransomware won’t attack the service. Check with your provider on the best tips.

Don't miss out on what's happening!

Stay in touch with breaking news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

Larger environments, of course, need more robust solutions. Larger businesses and government organizations need to make an honest assessment of the true cost of a ransomware attack and devise an appropriate backup solution.

Anecdotal evidence suggests that paying the ransom has been successful, but you’re not exactly dealing with honest, upstanding citizens here. There is no guarantee that the decryption, even when paid for, will be successful. Further, once you’ve paid the ransom, you are probably “marked” for future attacks, when the ransom will surely be higher.

John Agsalud is an IT expert with more than 25 years of information technology experience. Reach him at jagsalud@live.com.