On Monday, the WannaCrypt worm (also known as WannaCryptor and WannaCry) brought a worldwide spotlight to ransomware attacks once again. The infection spread due to a combination of people clicking on attachments from “sketchy” senders and unpatched systems. But, while trying to educate people to stop clicking on attachments from people they don’t know and keeping systems patched are worthy goals, there is another solution that can provide companies a safety net during this kind of digital attack.
One option is to just pay the ransom and get your data back. Ransomware thieves have a reputation of being trustworthy, meaning if you pay, you will get access to your data. But, there are no guarantees they will do it, and no way to know that they won’t come back to extort you a second or third time. There is also the ethical question of paying off thieves, but it’s your data.
Now, you won’t have to pay IF you have a backup of the encrypted files. Typically, backups are done at the end of the day, during off hours. Massive amounts of data are backed up on a daily basis to secondary storage. So, depending on when the attack hit and the amount of data updates lost, it could be in the hours, or even a full day’s worth of changes since the last backup.
So whats the solution?
For some applications, there isn’t much change in data, so reverting to the last backup should be fine. But, for more critical applications, losing hours of data is very problematic. That’s where Continuous Data Protection (CDP) comes in. CDP captures every write operation from an application and stores it in a second location. This means that you can revert back to the last data that was written before the ransomware attacked occurred, ensuring that data loss, if any, is minimal.