Z Z Z Z

Waking Up From The

Ransomware Nightmare
Using the Right Backup and Disaster Recovery
Solution to Rescue Your Business

EBOOK | Last Updated: 10.29.18 | ©2018 Quorum, Inc. All Rights Reserved.
www.quorum.com | [email protected] | USA/Canada: 1.877.997.8678 | RoW: +44.203.858.0464 1
Your worst day
starts like this.
You click on a whitepaper download. It all looks so legitimate: the domain, the
company, the content. After all, you’re an educated IT professional. You’re not
going to click on a suspicious link.

Yet within moments, something ominous happens. A small window flickers open,
then disappears. A feeling of doom sinks into your stomach as you check to
make sure your files are safe—but then a message pops up, telling you your data
is encrypted and requires a specific code to unlock. You’ll need to pay a small
fortune in Bitcoin for that code and pay it fast. You may even be provided with a
customer service phone number to navigate what is essentially your data being
kidnapped. All the while, your company site is down, operations are disrupted,
and the clock is ticking.

You’ve been hit with Ransomware.

EBOOK | Last Updated: 10.29.18 | ©2018 Quorum, Inc. All Rights Reserved.
www.quorum.com | [email protected] | USA/Canada: 1.877.997.8678 | RoW: +44.203.858.0464 2
TO PAY OR NOT TO PAY
Rising over the IT world like a monstrous shadow, Ransomware costs businesses
hundreds of millions of dollars globally. The FBI reports a whopping $209 million Ransomware typically seizes control through a variety of hidden forms, such as a
paid out in the first three months of 2016 alone1; Kaspersky reports that the compromised site visited by your staff or a respectable-looking email opened by
third quarter of 2016 saw eight times as many attacks as the same timeframe a company leader. Often the malware is delivered through known vulnerabilities
in 2015. A report released by PhishMe concludes that 93 percent of all phishing
2
in common software like Windows or Adobe Flash. With operations brought to
emails contain encryption ransomware.3 a halt, and company assets essentially kidnapped, many businesses feel forced
to pay the demanded ransom—yet when they do, many find they invite further
In recent years, cyberattacks have become more clever, relentless and deadly.
attacks through a back door built into the release of their files.
Threats like Directory Traversal, SQL Injection, Cross-site Request Forgery (CSRF)
and XSS attacks are daily occurrences, often aimed at simple data theft or In stealing your data, Ransomware can threaten to steal your company’s future.
company disruption. Yet ransomware has opened a door to invasion and financial But surrendering and paying up is never the best option. The real solution lies in
loss that many IT teams don’t know how to close. making the theft irrelevant through a strong and fast backup and recovery tool.

http://www.wsj.com/articles/in-the-bitcoin-era-ransomware-attacks-surge-1471616632
1
EBOOK | Last Updated: 10.29.18 | ©2018 Quorum, Inc. All Rights Reserved.
2
http://www.informationsecuritybuzz.com/articles/ransomware-attacks-small-businesses-eight-times-higher-q3-2016-time-last-year/ www.quorum.com | [email protected] | USA/Canada: 1.877.997.8678 | RoW: +44.203.858.0464 3
3
http://www.csoonline.com/article/3077434/security/93-of-phishing-emails-are-now-ransomware.html
The Rise of
Ransomware
2013
A Ransomware worm called CryptoLocker collects millions in ransom
payments before being stopped by authorities.

2014
IaaS company Code Spaces is forced to declare bankruptcy after
being unable to pay several million in ransom for their data.4

2015
Nearly 40% of all business report a Ransomware attack.5

2016
Ransomware attacks quadruple in the first quarter of 2016.6

4
http://www.csoonline.com/article/2365062/disaster-recovery/code-spaces-forced-to-close-its-doors-after-security-incident.html
5
https://www.theguardian.com/technology/2016/aug/03/ransomware-threat-on-the-rise-as-40-of-businesses-attacked
EBOOK | Last Updated: 10.29.18 | ©2018 Quorum, Inc. All Rights Reserved.
6
http://fedscoop.com/ransomware-attacks-up-300-percent-in-first-quarter-of-2016
www.quorum.com | [email protected] | USA/Canada: 1.877.997.8678 | RoW: +44.203.858.0464 4
INSECURITY COMPLEX
Given the number of technological innovations promising to protect businesses may not even have trained IT leaders who can evaluate solutions and devise
everywhere, it’s worth asking: why is this particular cybercrime getting worse? intelligent risk management strategies.

Here are the top mistakes putting organizations at risk. Resources wasted on the wrong area. One dynamic that’s understandable –
but misguided – is focusing resources only on protecting the perimeter. These
The ostrich approach. Some teams convince themselves they won’t be targeted
teams believe the best security comes in the form of a fortress around their
because they’re too small to appeal to hackers or too big to be vulnerable. Reality
systems and so they focus on a strong perimeter firewall and tools that can
check: ransomware thieves have targeted everyone from retired grandmothers to
detect and stop known threat signatures. Yet this imbalanced approach can
enterprise organizations. They may demand only a few hundred dollars to unlock
leave them needlessly vulnerable when the inevitable happens and criminals
a personal computer or require millions in bitcoin from a state government, but
invade their systems.
anyone can be attacked.

Misplaced faith in expensive tools and successful compliance audits. Best-of-

77 SEVEN
SEVENTY
breed tech can be great, but it cannot always stop a cleverly architected attack.
Some of the biggest companies with the biggest security budgets have been 77% of survey respondents have
breached. Passing a compliance audit like PCI or HIPAA is also no guarantee relied on disaster recovery solutions
of protection. Compliance only demonstrates how well your security program
meets the minimum requirements of a specific regulatory institution. It can help after a security threat event – and
you avoid fines, but meeting those requirements won’t necessarily protect your over half are more worried about
assets from Ransomware.
security threats than hardware failure
Confusion over the right solution. We operate, as Gartner once said, in “a mature
market in which the wide variety of offerings and capabilities means vendors or backup disk corruption.
must be chosen carefully.”7 With so many products promising security, savings
and convenience, many IT leaders have a hard time separating the promise from
the delivery. With a shortage of experienced security personnel, organizations

EBOOK | Last Updated: 10.29.18 | ©2018 Quorum, Inc. All Rights Reserved.
7
Magic Quadrant for Cloud-Enabled Managed Hosting, North America, Gartner, 15 July 2014 www.quorum.com | [email protected] | USA/Canada: 1.877.997.8678 | RoW: +44.203.858.0464 5
WHY BDR IS THE REAL
RANSOMWARE SOLUTION
Ask an “expert” on how to prevent ransomware and you’ll hear plenty of
suggestions. Network segmentation, endpoint detection and response systems, It’s no exaggeration to say your company’s fate can hinge on the type of BDR
application whitelisting – even employee training to stop users from clicking on solution you use. In our digital world, downtime is always damaging in terms of
the wrong link. All of these are sound ideas, and part of basic risk awareness lost sales and damaged brand reputations. But the rise of ransomware has seen
and baseline protections. BDR become a matter of life or death for organizations. With a current backup
on hand, it won’t really matter that a mysterious crime ring is demanding you
Unfortunately, ransomware attacks can happen even to sophisticated, security-
fork over a fortune in Bitcoin. You’ll shrug it off, turn to your fast and encrypted
savvy organizations. Cybercrime is a thriving industry precisely because well-
backup solution, and be on your way.
funded criminals have the expertise to invade our systems. Many have learned
how to disguise their malware as safe-seeming applications. One common trick, But with the wrong solution? That zero-day threat is going to put you in a race
for instance, is to buy up a newly expired domain and compromise the ad-server, against the clock – the hours required to get up and running with your solution
deceiving every return visitor to that domain. With the number of employees, versus the countdown controlled by the person demanding your money. And
partners and users who influence our systems, and the ever-growing number of that’s if you even have a backup you can rely on.
apps we use, a ransomware attack begins to look like a haunting inevitability.
Make no mistake, many organizations have failed to beat that clock. These
Once an attack happens, all the perimeter protections in the world can’t turn criminals possess the same technical mastery as any IT security expert and they
back time. It’s up to one part of your security program to save the day: your know very well the inadequacy of common backup solutions. They have
backup and recovery solution. the timing of ransom extraction down to a science.

EBOOK | Last Updated: 10.29.18 | ©2018 Quorum, Inc. All Rights Reserved.
www.quorum.com | [email protected] | USA/Canada: 1.877.997.8678 | RoW: +44.203.858.0464 6
And that’s where your BDR comes in: the final defense as your assets hang in the balance.

Yet it’s clear that not every business has an adequate BDR defense. One reason: many legacy systems were designed to run as batch processes at night, during scheduled
downtime. That doesn’t work in our 24/7 world where the never-ending demand on servers, hardware and applications requires flawless levels of business continuity. Traditional
backup and recovery systems just can’t keep up. Time-consuming scheduled maintenance windows, coping with natural disasters and dealing with the inevitable (yet always
unexpected) hardware or software failure have been persistent headaches for organizations.

Even “advanced” solutions have presented new challenges, such as testing issues that leave teams unsure if their backups are even usable. Some solutions require a team just to
handle the deployment, hypervisor, hardware, and storage. Others offer inadequate support, or patchwork solutions that - when inspected closely – offer second-rate tools that don’t
work all that well together.

The problem is clear. While the right backup and data recovery solution can solve a Ransomware attack, many organizations are using the wrong one.

Backup and Data Recovery Today: Where Are We?

75% 75% of survey respondents use cloud-based disaster recovery solutions

36% 36% use a hybrid on-premise and cloud model

39% 39% use only DraaS.

24% 24% of respondents rely only on premise disaster recovery solutions.

89% 89% of respondents are planning on implementing more cloud based disaster recovery.
7
Kidnapped? 5 Steps to Taking
Control of Your Ransomware Attack.

Build Your Escape Route Before You’re Attacked.

Instead of placing bets on your odds of a ransomware attack, assume it will happen at some point. Get
the right solution in place now so that you have encrypted offsite backups that are automatically tested
and available within minutes.

Limit the Damage.

As soon as you realize your files, servers or applications are locked, take them offline. Isolate any
impacted laptops or devices from your networks, to confine the malware to a single device.

Put Your Clone to Work.

Launch the clone of your production server from a clean, unimpacted point in time. You aren’t just
eliminating downtime or lost data; you’re eliminating any ransom payments too.

Repair the Damage.

Take your time cleaning and repairing your production systems, use the opportunity to patch and update
any vulnerable applications.

Failback to Production.
Once your production systems are clean, up and running, failover from your clone back to production.
With a smooth migration of all recent changes, your system will be strong as ever.

EBOOK | Last Updated: 10.29.18 | ©2018 Quorum, Inc. All Rights Reserved.
www.quorum.com | [email protected] | USA/Canada: 1.877.997.8678 | RoW: +44.203.858.0464 8
CHOOSING WISELY: USING
SECURITY-SMART BDR
To adequately defend your organization, you’ll need a modern solution that
offers immediate recovery, encrypted backups, and exact replicas of your
most critical systems.

Evaluate your current BDR tool as a critical security defense. If your enterprise
is still relying on older operating systems, physical datacenters
and legacy solutions, it’s time to let go. Once your systems and applications
are virtualization-ready, you can migrate to a virtual infrastructure and enjoy
the stronger business continuity and protection of offsite backup and
disaster recovery.

Embrace DRaaS. Believe the hype: Disaster Recovery as a Service (DRaaS)

really does leapfrog over the limitations of traditional recovery solutions.
That’s probably why a report by MarketsandMarkets8 estimates it will grow
from $1.42 Billion in 2015 to $11.92 Billion in 2020. By maintaining a copy of
your data and systems on the cloud, and being able to failover all your servers
to the cloud, you’re going beyond simple data recovery. You’re now enjoying
the freedom and peace of mind that comes with a more holistic BDR cloud
solution. No more constant upgrades, or disk drives with backup data storage
or configured servers waiting in physical sites.

EBOOK | Last Updated: 10.29.18 | ©2018 Quorum, Inc. All Rights Reserved.
8
http://www.marketsandmarkets.com/PressReleases/recovery-as-a-service.asp www.quorum.com | [email protected] | USA/Canada: 1.877.997.8678 | RoW: +44.203.858.0464 9
 Snapshot-based backups that replicate your server
Near-immediate recovery, with virtual clones of
image, applications and data, with incremental
Choose the best solutions. If your your environment that can be spun up in minutes.
backups at the frequency of your choice.
leadership is still taking budget
away from backup to strengthen the
perimeter, you’ll have an expensive
Automated DR testing, so that every backup is Deduplication features that reduce storage and
problem on your hands when current, correct and ready to run—as soon as network bandwidth requirements.
ransomware hits. The good news is it’s needed.
that investing in the most advanced
BDR solutions is the cost-effective
path; from reduced labor requirements A fully isolated sandbox environment that allows Offsite, encrypted storage that protects your
to cost-effective cloud resources to for patch testing, upgrades and configuration backup data in a remote location or the cloud.
changes before moving into production.
thwarting ransomware attacks, the
right solution can save you time,
money and headaches. That means Flexible failback options that allow you to
User-friendly installation and configuration that
looking for a solution that offers: failback to similar or different hardware, from
happens in hours, not days, without requiring a
physical to virtual, virtual to virtual, or virtual to
skilled team.
physical hardware.

At the end of the day, the digital world is a high-stakes game for every business. Ransomware criminals will continue to treat companies like ATM machines as long as weak
and inadequate backup solutions are on the market. But becoming intimidated or simply ignoring threats is never an effective solution. Organizations must realize that the
right BDR solutions are available and can solve their ransomware fears.

The best way to end any nightmare is to wake yourself up. Using a modern, fast backup and recovery solution can do just that, bringing a swift end to any ransomware
catastrophe, and taking back the power for your organization.

1-Click Instant Recovery