Ransomware protection: will your backups do their job?

Ransomware attack protection has never been a hotter topic.

In March this year, an alert was issued to the UK education sector following a rise in ransomware attacks on schools, colleges and universities. On 7th May, a ransomware attack led to the shut-down of the pipeline that supplies half the oil to America’s east coast (and resulted in a $5m pay-out being made to the cyber-criminals). A week later, Ireland’s Health Service Executive (HSE) was hit by a ransomware attack which demanded a $20m pay-out – declining to pay, the HSE reverted to paper-based processes, with all the delay and upheaval that caused. Their services and systems continue to be impacted by the ransomware attack.

Ransomware attacks have tripled in the past year
These are just a few of the big attacks that have hit the headlines in the past few months, but there are many more besides. Cyber threats have been increasing exponentially, particularly ransomware, which – according to FBI director Christopher Wray – has tripled over the past year. So, it’s more a case of asking yourself when an attack will happen, than if one will occur.

To be prepared for the inevitable, it’s important to have a disaster recovery plan in place, specific to a cyber threat. This will, of course, involve a backup and recovery system. But are you 100% sure that your backup and recovery solution is working as well today as when it was originally installed and configured? It’s an especially pertinent question now that increasingly sophisticated cyber-criminals are targeting backups as well as production data, to give them more leverage.

Testing to ensure certainty over recovery capability
A programme of testing for your backup system is critical to ensuring that it is fit for purpose should the worst happen – if you are able to restore all your data and continue operating as before, then the ransom threat is an empty one.

You could manually restore a VM using instant recovery, and test components to ascertain whether the backup and recovery process is returning zero errors – but a more scalable and efficient process is to use Veeam® SureBackup to create an automated schedule of backup testing and validation. In addition, Veeam® Availability Orchestrator is invaluable for automatically testing your DR site.

SureBackup allows you to boot VMs in an isolated environment, so they can be tested with various scripts – including preconfigured options:

  • A heartbeat test uses VMware or Hyper-V tools to ensure the operating system is running properly.
  • A ping test checks that a VM’s network interface is up, and that the machine can respond.
  • Application tests include testing ports for DNS, mail and web server response, and checking that SQL databases are available.
  • SureBackup can also run custom scripts if there is a specific application that needs testing outside of what is already provided.
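
As an added illustration (not code from Veeam or from this article), a custom application test of the kind described in the list above could look like the Python script below: it checks that each expected service port on a restored VM accepts a connection and, for mail, that the server greets with the expected banner. The service list, the ports and the convention that exit code 0 means "passed" are assumptions made for this example.

```python
import socket
import sys

# Assumed service list for illustration: (name, TCP port, expected banner prefix or None)
DEFAULT_CHECKS = [
    ("smtp", 25, b"220"),    # mail server should greet with a 220 banner
    ("http", 80, None),      # web server: an open port is enough here
    ("mssql", 1433, None),   # SQL Server default port
]

def check_service(host, port, banner=None, timeout=5.0):
    """Return (ok, detail). ok is True when the port accepts a TCP connection
    and, if a banner is expected, the server's first bytes start with it."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            if banner is None:
                return True, "port open"
            conn.settimeout(timeout)
            data = conn.recv(64)
            if data.startswith(banner):
                return True, "banner ok"
            return False, f"unexpected banner {data[:16]!r}"
    except OSError as exc:  # refused, unreachable, timed out, reset
        return False, f"{type(exc).__name__}: {exc}"

def verify_vm(host, checks=DEFAULT_CHECKS, timeout=5.0):
    """Run every check against the restored VM; return the names that failed."""
    failures = []
    for name, port, banner in checks:
        ok, detail = check_service(host, port, banner, timeout)
        print(f"{name:6} {host}:{port} {'PASS' if ok else 'FAIL'} ({detail})")
        if not ok:
            failures.append(name)
    return failures

def main(argv):
    if len(argv) != 2:
        print("usage: verify_vm.py <vm-ip>", file=sys.stderr)
        return 2
    # Assumed convention: exit code 0 = VM verified, non-zero = test failed
    return 1 if verify_vm(argv[1]) else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

An open port only shows that a service started; a banner or query check is what shows the application inside the restored VM is actually answering.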

Veeam® Availability Orchestrator offers DR site replica testing and detailed reports, enabling you to gain certainty over component health across the entire site, from just one window.

Choosing object storage for immutability
Another point of defence against ransomware attacks can be found in the specification of your storage platform. Object storage – we use Zadara’s Virtual Private Storage Array (VPSA) with Object Lock – adds an extra layer of security to your data backups, because it prevents files from being altered or deleted until a specified date. It effectively locks the file down so it can’t be amended by anybody, even its owner, until the defined period of time has passed.

It’s a bit like a virtual ‘air gap’ – although instead of data being transferred off-site in physical form (an LTO tape), this same protection happens in the cloud environment. Object storage works seamlessly with Veeam’s ‘immutability’ feature for maximum protection and peace of mind.

Ransomware attacks may be on the increase, but there are solutions out there to help de-risk data storage and ensure that recovery runs smoothly in the event of being targeted by increasingly sophisticated cyber-criminals.

If you’d like to find out more about how we can help protect against cyber threats, contact us today to discuss backup and recovery systems in more detail.