How Does a Disaster Recovery Strategy Really Protect My Business?
Axis Computer Networks provides comprehensive network security services, including anti-virus and anti-hacking measures to prevent breaches within the company infrastructure. Unfortunately, there is no guarantee that a network can be 100-percent protected from a breach, quite simply because hackers are working constantly to find their way through existing security systems and technology. The only way to be sure you protect your network, your data, and your business from this threat is to understand what you’re up against, even if that means planning for the worst.
Here’s a real-world example of how a network was compromised by hackers even with a full suite of security systems in place:
Case Study: Recovering from a Ransomware Attack
The client in question has had a long relationship with Axis Computer Networks and was not considered a high-risk client, meaning one that did not follow security procedures.
Even though the company followed recommended security practices, the client was infected with ransomware, a type of malicious software designed to block access to a computer system until a sum of money is paid.
The infection occurred when a single user came across an e-mail requesting a past-due invoice be reviewed and addressed. The e-mail was structured in such a way that it looked like it was a legitimate request from a current vendor.
The sender’s email address had been “spoofed,” a common practice that tricks a person at the target company into thinking the message is coming from a current vendor. Usually this is done just by changing a letter or two in an email address, so that “Bob@microsoft.com” becomes “Bob@micrasoft.com.” With a quick glance, most people would miss the change in the spelling of the domain from an “o” to an “a.”
Once the e-mail was opened, the user proceeded to click on the attachment, which looked like an invoice document file. In this case, however, it was not a document but a script. A script is not a virus, so it will not get blocked by firewalls, spam-filtering software, or anti-virus software. The script introduces a set of commands to the user’s computer that initiate actions on the computer, in this case, to encrypt shared files. Once the files are encrypted, the script spreads across the network, infecting all user computers and files. Once all the servers and workstations are compromised, the ransomware basically locks down access to all files as well as the workstations and servers.
Any business that suffers a ransomware attack could be dead in the water, with no access to their computer files and data.
The only true way to guarantee recovery in these types of hacks is having a Disaster Recovery plan in place that assumes the worst. The security measures that help prevent attacks are key to weeding out less sophisticated hackers and preventing such problems from becoming regular occurrences, even if the attacks are ineffective.
But preventive measures are only part of the protection a business needs. Any business that’s serious about its security uses a disaster recovery strategy, including regular network backups, to ensure business continuity.
At Axis Computer Networks, we have experience with these attacks. In the past, we have had companies call us when they were hit with ransomware, particularly when they found their current IT provider had no idea how to proceed, and instead abandoned them in the face of an attack. Unfortunately, those organizations didn’t have the right disaster recovery plan and actually had to pay the hackers to recover their files.
For the ransomware attack we described in the previous section, the client was using our premier solution that has been 100-percent successful in recovering from ransomware attacks. We were able to get the server back up and running within 30 minutes and reconnected all the systems within the same day, implementing our Disaster Recovery Solution.
The alternative would have been to pay the hackers the ransom, which is not even a guaranteed resolution. After all, criminals cannot always be trusted to hold up their end of the bargain after getting paid.
Even worse, we have found that when ransomware works and a target company pays the ransom, that sends exactly the wrong message. We’ve seen it happen: When the hackers receive the payment, they know they have a worthwhile target and they often turn on the script again to resume the process, to lock up the target company’s files. The only way out? Pay more.
The disaster recovery solution that we had set up for the client in this case protects against ransomware, hacks, and pretty much any other disasters. The solution provides backups on an hourly basis rather than nightly, minimizing the loss of data, and uses Virtual Server technology, so even if the hardware for a server is completely destroyed, the business can be back up and running within minutes. The system uses an on-site device, and the backups are replicated in the cloud—both effective tools that work in concert to ensure data and files can still be recovered.
Having the right security solution in place is the first step to protecting a company and preventing business interruption, but a disaster recovery strategy, including backups, is instrumental to protect that entity fully from attack or catastrophe.