How to recover from a ransomware attack faster and return to business acceleration

ransomware API, cybersecurity, cyber security

Most businesses in Australia and New Zealand have moved past the initial stages of responding to and recovering from the coronavirus pandemic and are now looking towards business acceleration. However, this acceleration can be derailed in an instant if a business suffers a successful ransomware attack or cyber breach. Therefore, businesses need to act immediately to ensure that, if this occurs, they can recover swiftly and get back to a state of business acceleration without sustaining significant losses, according to Pure Storage. 

The risk of a ransomware attack is significantly higher in Australia than anywhere else in the world, with 67 per cent of Australian organisations suffering a ransomware attack in 2020 compared with the global average of 57 per cent. A further 23 per cent of Australian organisations accept that they are likely to be targeted by a ransomware attack at some point, leaving just 11 per cent confident that they won’t be targeted. The cost is also higher for Australian organisations who pay the ransom, with an average cost of AU$1.25 million for each breach.

In New Zealand, more than 50 per cent of organisations had been successfully targeted by a ransomware attack and 20 per cent estimated that their organisation was affected by 16 or more ransomware attacks per quarter.

Related article: WePower appoints energy leader to drive APAC growth

Mark Jobbins, VP & field chief technology officer, Asia Pacific & Japan, Pure Storage, said, “With the risk of a ransomware attack so high, organisations that are looking to continue accelerating their growth need to have a proactive plan in place to protect themselves. Cybersecurity tools are essential; however, ransomware attacks often bypass cybersecurity tools or exploit vulnerability gaps in an organisations’ security strategy. When this happens, the only option is to pay the ransom unless the organisation has a reliable, protected backup that it can practically revert to.” 

Most organisations backup their data for disaster recovery and business continuity purposes. However, restoring data from these legacy systems can be slow and cumbersome, with no guarantees. And, if the backup data is also corrupted, then the organisation may have no choice than to pay the ransom and hope the attacker decrypts the data without further damage.

Related article: QNI milestone as interconnector upgrade nears completion

To avoid this scenario, organisations should choose a backup data storage solution that locks down data, protecting it from malicious attacks. By creating an immutable snapshot of backup data and associated metadata catalogues, this type of solution can prevent the data snapshot from being deleted, encrypted, or modified. 

Mark Jobbins said, “Even when attackers gain admin privileges, the data snapshot remains off limits. This is a reliable way to keep data safe from attack. The next step is to restore that data quickly and effectively. This capability relies on the backup architecture. It needs to be able to bring in all of the data from the organisation’s many silos without getting slowed down; the faster the data can be restored, the sooner the organisation can get back to business acceleration.” 

Organisations should look for a rapid restore solution that delivers a data-recovery performance of at least 270 terabytes per hour for both production and test or development workloads. 

Mark Jobbins said, “Avoiding the costly downtime that usually accompanies a ransomware attack is a huge competitive advantage in an era when ransomware is one of the biggest business risks threatening organisations of all sizes. When an organisation can recover quickly from a ransomware attack and get back to business as usual, customers and partners gain confidence in the business, letting the organisation accelerate its growth safely and reliably.”