Detecting Ransomware In Your Backups? It’s Already A Reality

In 2016, it was estimated that roughly 80 percent of U.S. companies have suffered a cyber-attack of some kind, with 47 percent experiencing a “ransomware incident.”

1. The FBI estimated that ransomware will cost businesses over $1 billion.
2. 67 Percent of ransomware targets are SMB’s with sub-par IT security and extremely valuable data.
3. 96 Percent of ransomware victims lose access to their data for more than a day. Causing business-thwarting downtime.
4. In a recent study conducted by security software vendor McAfee Labs, researchers identified more than 4 million samples of ransomware in Q2 of 2015, including 1.2 million new samples. That compares with fewer than 1.5 million total samples in Q3 of 2013 (400,000 new). Ransomware is distributed in a variety of ways and is difficult to protect against because, just like the flu virus, it is constantly evolving.
5. A more recent study by IBM actually said that 7 out of 10 CEO’s admitted to paying the ransom to keep their businesses running.

The average ransom used to range from 500 to 1000 dollars to get the data back. But recently the price tags have gone up. It started when Hollywood Presbyterian Hospital in California paid over 17,000 dollars in ransom in undetectable bitcoin currency and it’s excalted since.

You can take great measures on perimeter security and you can train employees by making them aware of how ransomware is delivered however, because ransomware is constantly evolving, even the best security software can be breached. This is why a secondary layer of defense is critical for businesses to ensure recovery in case ransomware strikes: backups.

Modern total data protection solutions, like ThinkGard’s take snapshot-based, incremental backups as frequently as every five minutes to create a series of recovery points. If your business suffers a ransomware attack, this technology allows you to roll-back your data to a point-in-time before the corruption occurred. When it comes to ransomware, the benefit of this is two-fold. First, you don’t need to pay the ransom to get your data back. Second, since you are restoring to a point-in-time before the ransomware infected your systems, you can be certain everything is clean and the malware cannot be triggered again. Additionally, ThinkGard’s fully integrated total data protection platform, now includes the industry’s first ransomware detection capability. When ransomware is detected, our DataGard system will alert and allow for roll back to a state before the ransomware hit, saving you from downtime and avoiding the ransom. In fact, we are proud to report that within the first 24 hours of firing up the ransomware detection system for our customers, a discovery of ransomware was made. Without this, the customer may have never known until they needed to retrieve or restore a file.