What If Ransomware Was Just an Annoyance Rather Than a Crisis?

Imagine this: despite a strong firewall, your department is attacked by the latest ransomware that locks up all your employees’ devices right in the middle of the day, effectively stopping work.

Fifty minutes later, every device is back up and running, employees are back to work, your phone has gone blessedly silent, and the package of Tums you keep in your desk drawer lays undisturbed. And…you haven’t paid the ransom.

It’s possible. Here’s how.

It’s not just ransomware itself that’s a threat to businesses; it’s the increasing pace at which it evolves into ever more powerful superbugs that infect systems and evade detection.

The knee-jerk reaction from some in the security space: try to keep up with ransomware’s mutations by evolving prevention faster than the threat. But that game does not end in a winning proposition. While you may be able to defend your most valuable servers, it’s not uncommon for the attacker to find their way in through your endpoints. Faced with this reality, many companies are now just paying off ransoms with cryptocurrency, a short-sighted solution that doesn’t always work and that only makes you the target for more ransomware attacks.

Here’s a better approach: Adapt your preventative defenses, but work in parallel to deploy a ransomware-proof recovery plan for all of your vulnerable devices—including every endpoint.

What does a ransomware-proof recovery plan for endpoints look like? Here’s a quick step-by-step guide:

  1. Take stock of every endpoint device in your organization.
  2. Back up the data on every endpoint device. The more frequently you back it up, the less data you are at risk of losing in a ransomware attack. Backing up every 15 minutes is best practice.
  3. Back up your endpoint data in a solution independent of your cloud collaboration software. Ransomware can infect shared folders and, in some cases, spread it to other devices even faster.
  4. Confirm that your backup storage is not susceptible to ransomware attack.

With this recovery approach in place, any endpoint device locked by ransomware can be unlocked by wiping the device and fully restoring the user’s data from your backup stores. With practice and a well-documented process, users can be up and working in less than an hour after a ransomware attack.

Good prevention tactics will help reduce the cost and disruption caused by ransomware, but won’t eliminate your risks. Enacting a recovery plan that accounts for every endpoint is the most important next step you can take to limit ransomware’s impact on your organization.

Forrester Research Ransomware Protection: Five Best Practices

The ransomware threat is not going away. In fact, the ransomware epidemic is only growing. But it is possible to keep your business and your data safe. Read the Forrester report to learn how.

By submitting this form, you agree to Code42’s Privacy Policy.

Schneider Electric Achieves Multiple Benefits with Code42

Schneider Electric Sweden, an energy management company, lives or dies based on the success of their team of well-traveled consultants. And their consultants’ success is directly tied to the sensitive data that travels with them wherever they go. In fact, Schneider estimates the value of the data on a consultant’s laptop to be $150,000.

Because of the importance of this data–and the dire business consequences of it being lost, stolen or simply unavailable–Schneider decided to upgrade their backup and recovery solution to Code42.

The change was easy to justify. Schneider implemented the Code42 solution and it has already paid off for them in substantial ways:

  • Laptop upgrades in one sixth the time
  • Over 7,000 hours of employee downtime saved
  • Successful recovery from a WannaCry ransomware attack

Check out the full case study to learn more about how Schneider Electric keeps their most precious resource–their consultants–as productive as possible.

Protect your business from ransomware

Protect Your Business from Ransomware with Code42

Code42’s endpoint data security solution provides your business with a variety of benefits, including increased productivity, risk mitigation, streamlined user workflows, and more–all in a single product that’s been proven to ultimately save you money. With ransomware making huge headlines in 2017, one of the Code42 features that enterprises are most interested in is ransomware recovery.

Since Code42 backs up your data every 15 minutes by default, you can roll back to a point in time and access files you were working on before the ransomware attack–without ever paying the ransom. Ransomware recovery is one of the major ways a true endpoint backup solution beats file sync and share products for data backup. Sync and share products can’t restore to a particular point in time, but they can actually spread ransomware through an organization.

To learn more about how Code42 beats sync and share products for ransomware recovery, watch our latest feature video below.

Forrester Offers Five Best Practices for Ransomware Protection

Ransomware has reared its ugly head again, this time bearing the name Bad Rabbit. According to analysts at Crowdstrike, Bad Rabbit shares 67 percent of the same code as NotPetya, meaning this variant may actually be the work of the same threat actor. Bad Rabbit marks the third major ransomware outbreak in 2017. With WannaCry, NotPetya, and now Bad Rabbit, the public is more aware of ransomware than ever. However, awareness is not enough to protect your organization, your employees, and your files. With every outbreak, we come to realize that prevention is never foolproof, and faster detection only gets you so far. What matters most is the speed in which you can respond and bounce back when disruptions like ransomware strike. Forrester has assembled a guide in the proper response to ransomware in the report “Ransomware Protection: Five Best Practices.” Key takeaways of the report include:

  • Avoiding a ransom payment is possible
  • Preventing ransomware doesn’t require new security investments
  • Focus on your core security needs

In addition, consider these important tips that will also help you amp up your speed of response to ransomware attacks:

The human element of ransomware doesn’t get enough attention.

Laptops and desktops are hit by ransomware most often for a simple reason: they’re operated by users. Your employees are moving fast to create the ideas that make the business run, meaning they are prime targets for threat actors. Plus, cybercriminals are getting more and more sophisticated. They’ve optimized ransomware’s “user experience” to increase the odds that a victim falls prey and inevitably pays up.

Don’t blame humans for being human.

Don’t just give them the tools and training to know the dangers, but also the tools to always bounce back when they’ve made an error. Humans will make mistakes. It’s the role of IT and security teams to minimize the disruption and impact of those mistakes, get the idea engine – your employees – back up and running, so the business keeps moving forward.

Protection requires a renewed focus on IT and security basics.

It’s these basics that Forrester analysts Chris Sherman and Salvatore Schiano discuss in detail in the Forrester report. Read “Ransomware Protection: Five Best Practices” today to learn how to minimize business disruption when ransomware strikes.

Now is the Time for CSOs to Assess Crypto-Attack Readiness

We are witnessing a new wave of crypto-cyberattack. WannaCry has moved on, and Petya (also dubbed “NotPetya” and “GoldenEye”) is now in town. This new crypto-attack is creating havoc among enterprises throughout Europe and it is quickly making its way to Asia and into the U.S. So far, Petya has triggered floods of threats and ransom demands. It may not even be true ransomware – it may actually be a “wiper” attack or even an act of cyber warfare.

Given the heightened concern of how these crypto-attacks are upsetting the enterprise, it is appropriate to state that the risk associated with this threat category has increased. CSOs, CIOs, security team, and risk management decision-makers should prioritize this risk differently now than they have done in the past.

I am inclined to believe CSOs across enterprises are assessing their preparedness in handling this type of risk in both proactive and reactive mode. This is a moment in which leaders should be devoted to evaluating and assessing their current security posture, regardless of whether they have been affected by this malware.

CSOs evaluate their risk to the organization as a combination of probability and impact. Now is the perfect moment for CSOs to ensure they have appropriate coverage in all of their critical endpoints. When their assessment reveals their current state of inappropriate endpoint coverage, it is time to consider the probability their enterprise could be affected by such an attack, as well as the potential impact if and when such an attack strikes.

At Code42, we are available as subject matter experts to help assist customers with security preparedness. We are available to lend our expertise, as well as to help determine the percentage of endpoints in their organizations that may be at risk. Now more than ever, security should be top of mind for everyone in the C-suite. At Code42, ensuring that enterprises have appropriate coverage of their critical endpoints is what we live for. Reach out to us today if you have questions on how we can assist with your security preparedness.

Large University Expels Ransomware Attack with Code42

A staple in the surrounding community and one of the most respected educational and research institutions in the United States, the university has a deep history of excellence to uphold. For such a storied southern university with more than 13,000 students, protecting the sheer amount of faculty, alumni and student data is a cumbersome task. The IT department, which is made up of around 100 employees, turned to Code42 to make sure the right backup solution was in place in case of an attack.

With Code42, the university primarily backs up VIPs, such as the CTO, CEO and anyone higher up in the organization. “Typically they travel a lot and so they have laptops and a lot of times they have important data on their laptops. So we’re using Code42 backup to make sure no matter where they are we still are protecting all that data,” said a systems administrator at the university.

Passing the ransomware test

A VIP user in the human resources department called the help desk after a pop up appeared on her computer. Unable to remotely access the computer, the university sent desktop support personnel to examine the machine. Once help arrived, they realized a hacker was trying to cheat the system with a ransomware attack, claiming they needed a payment of three Bitcoin (at that time worth about $1,000) before returning sensitive data.

Learning about ransomware for the first time, the university didn’t know if there was anything they could do. Unwilling to waiver on paying the ransom, the university reached out to the IT departments’ systems administrator tasked with handling backups. Because the infected user was enrolled as a VIP on Code42, the systems administrator was able to restore her computer with an automatic, continuous and near real-time backup of all endpoint data.

“Code42 runs in the background. They don’t even realize it’s there. When they do reach out to us we can easily push a restore out to them, some of them can restore it themselves. It’s very easy to restore from. It’s really just peace of mind,” said the systems administrator. In the future, the university plans on expanding rolling out Code42 to the research community and additional staff, as well as implementing more security measures.

This isn’t an instance that only affected this university. Employee laptops and desktops are soft targets for ransomware. If a company is unable to reconstruct what existed on the device after a data incident, it may result in brand repercussions to class-action lawsuits or regulatory fines. By using Code42, it provides the data and tools needed to recover and avoid paying the ransom. Every time.

Ransomware Data Loss: What Will It Cost You?

Ransomware is a problematic cyber threat. In 2015, there were an average of 4,000 ransomware attacks per day in the U.S. alone, and the number has only climbed since then. Fifty percent of U.S. companies reported being the target of a ransomware attack in 2016. In 2017, the world was introduced to the biggest ransomware threats yet in the form of WannaCry and NotPetya. Worse yet, ransomware is predicted to $11.5 billion in losses by the end of 2019. If that doesn’t give you pause, nothing will.

Ransomware is real, rampant and ruthless.

Recovering from ransomware

The only way to outwit the cybercriminals is to protect your data before ransomware hits. The FBI agrees and recommends that you never pay. Without a comprehensive data protection strategy in place, you’re pretty much out of luck when ransomware strikes. When it does, it’s going to cost you, either in Bitcoin or in lost data.

The cybercriminals will tell you how much money they demand for the safe return of your data. But what if you follow the FBI’s recommendation and refuse to pay the ransom? How much would your data loss cost you?

Calculating the cost of ransomware data loss

If you aren’t sure how to quantify the financial impact of data loss from ransomware on your business, you aren’t alone. We’ve created a simple online calculator that will help.

It’s easy. Just answer a few questions about your enterprise environment. We do the number crunching for you. Curious about how much lost data costs you in other areas of your business? Complete the sections about data migration, hard drive recovery and device failure and loss for a custom analysis. This is especially helpful if you need to justify your endpoint data protection budget.

All in, it should take you about five minutes to complete. You can run the numbers as many times as you want to see how different answers affect your risk calculations.

Code42 data loss risk calculator

We hope that endpoint data protection is your number one priority as you plan for the next year. Based on the stats above, we’re all going to need it. Ransomware is like a runaway bullet train. Until you stop it, you’re at the mercy of a countdown clock and your ability to recover. Endpoint data protection is the only way to guarantee data recovery–without paying the ransom.

Find out how much ransomware data loss is costing you. Calculate your risk with the Data Loss Risk Calculator.

Facebook Twitter Google LinkedIn YouTube