Ransomware and Air Gapped Backups

Bytechnicalguy

Ransomware and Air Gapped Backups

Think Ransomware is dead? Think again!

Here’s a chilling example of a Ransomware attack that will likely lead to the closure of the attacked business. The attackers are asking for US$14 million.

Ransomware Attack on Healthcare Provider

A Healthcare IT provider based out of Milwaukee Wisconsin is struggling to restore services to 110 nursing homes after a ransomware attack that was still ongoing at the time the article was written.

The attack affected

” virtually all of their core offerings, including Internet service and email, access to patient records, client billing and phone systems, and even VCPI’s own payroll operation”

It’s not stated in the article from Krebsonsecurity if backups were available, but if they were it sounds like they were also compromised.

Air Gapped Backups

air gapped backupA Cloud Backup like we offer at CloudPockets is an air gapped backup system.

What does this mean? It means your files are enumerated locally, encrypted, compressed, and then a connection to the server is made and they are sent to the server. After the backup is finished the connection to the server is closed.

This is different than having your backup server also on-premise and visible from within the network. On-premise backups have their place, to be sure, but Ransomware has been known to encrypt the on-premise backups, rendering them useless.

With a cloud backup the connection to the backup server closed so there is no way a ransomware attack can leap across that air gap to access the backups sitting on the cloud server from the local network.

This is the air gap, and it’s part of the 3-2-1 Backup Rule. The “1” is the cloud backup piece.

Ransomware and Healthcare

Ransomware attackers seem to be focusing more on the healthcare industry. This may be partly due to centralized services like the one in this article.

A French hospital was attacked November 22, and a Missouri health system was attacked November 21.

Ransomware doesn’t look to be slowing down, however it has become more focused on specific markets.

Local governments is another target, with Georgia county having to pay US$400,000 in order to recover files. Riviera Beach Florida paid US$600,000 to get files back, and the city of Baltimore refused to pay, but has since incurred US$18 million to recover.

Get An Air Gapped Backup

Whatever your industry; the likelyhood of a ransomware attack is increasing. Be prepared with a backup, and make sure one of them is an air gapped backup.

Share

About the author

technicalguy administrator

Guy Moss is the owner of Trusted Technology Inc, an IT Consultancy based out of British Columbia, Canada. With 20+ years of IT experience Guy provides hands-on technical direction and support for small businesses and non profits. He also manages this Cloud Backup site, plus Integrated Layer Website Hosting.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.