Ransomware is a worryingly prevalent threat for UK businesses and individuals. Over a year, around 73% of businesses experienced a ransomware attack – a concerning 15% increase year on year. That means businesses are more threatened by these malicious attacks than ever – but do cloud backups protect you from ransomware?
Cloud backups and storage can help protect you from ransomware attacks, but you’ll need to ensure you’re working with a leading provider and regularly update your protection. Let’s take a closer look.
Can ransomware infect backup files?
In some cases, ransomware can infect backup data by activating (or ‘detonating’) at a specific date and time. Previously, ransomware primarily impacted data held ‘on the surface’ – meaning hackers are developing sophisticated ways to dig deeper into businesses’ information.
Ransomware can activate in the cloud, too – meaning that you’ll need to prohibit all outside access, and to ensure that data held inside is completely encrypted.
That said, ransomware can still affect files and bundles that are initially encrypted. This can happen if, for example, you unbundle an encrypted backup when bouncing back from an attack or infection. In some cases, a ransomware attack can reactivate unless it’s carefully quarantined and effectively removed.
Ransomware can also impact files synced to the cloud. For example, if your base files are compromised and then sync to the cloud, the compromisations will be reflected in the backups. To avoid this scenario, you could encrypt a copy of the backup in the cloud to restore at a later date.
How can cloud backups help me recover from ransomware?
While cloud backups and data may be at risk from ransomware attacks and other types of malware, you can still use backups to help recover from large-scale damage.
One way to help protect your cloud data against ransomware attacks is to establish multi-factor authentication. Just as you’d use this authentication to access certain apps and services out of the office, you can establish secure logins that require the use of email and/or mobile devices.
For example, to access your cloud backups, you may need to provide an initial password, and then enter a keyphrase sent randomly to your associated email. Unless the malware has access to this email, too, it can be an effective defence against ransomware infecting the data within.
In some cases, you may be able to encrypt data transferred to and from the cloud while it’s in-flight. Ransomware or other malware that accesses information through midpoint access may not be able to read information that’s encrypted on its way between the physical device and the cloud.
While this won’t prevent ransomware from causing damage, it’s a tool that can help to restrict how much information malware can read. It’s an added cushion of support should the worst actually happen.
External drive restoration
Many cloud services allow you to restore any data you wish to an external or third-party device that you fully authorise. This means that you can effectively move your sensitive data off-site and into a hard drive or system that’s not affected by the ransomware.
This also means that you can effectively restore your data safely once the malware is dealt with, while retaining a cloud copy all the same. Providing the malware has no clear route into your cloud data, this is an option that can keep you bouncing back from such attacks.
Alongside the option to restore cloud data to a variety of external devices, cloud services may also allow you to restore specific data from a chosen point in time. This means that you can effectively pinpoint which data you’d like to reinstate and from when.
Given that ransomware can sometimes pick and choose which data it wants to hold hostage, it’s important to have a point-in-time backup that you can restore at precise moments.
Data change alerts
Companies using the most efficient cloud storage and data management systems have complete oversight of their information at all times. For example, in some cases, you’ll be able to monitor where your data is stored, and where it’s shared at short notice – all from one screen.
A handy addition to this complete oversight is, of course, the ability to trigger alerts. Cloud backup monitoring can inform you when data or specific files may be moved or compromised. This allows you to take immediate action, such as to restore the data or to make vital security adjustments to your network and hardware.
Instant recovery potential
One of the most important aspects of cloud backups is the potential to restore data as soon as it’s compromised, or as soon as you receive an alert. With ransomware, it’s always wise to deal with the malware and to remove any infections before you restore. Otherwise, you may find your restored data falls prey to the same attack.
In any case, remote, instant data recovery means there’s no time wasted trying to source a backup. It also means there’s no time or labour wasted on actively recovering said information – you can simply bounce back from an attack and get back to what you were doing.
Why you need cloud computing in the fight against ransomware
While ransomware can still attack and cause serious damage with or without cloud backups, it’s crucial to have a wide-reaching, fast-acting backup plan in place.
Cloud backups can help you to restore potentially compromised data at a second’s notice. Encrypted properly, there’s also plenty you can do to restrict ransomware from accessing your backup data in the first place. You can also set up multi-factor authentication so that anyone aiming to get into your files will also need access to external emails and devices.
Finally, a cloud backup can also easily restore to an external drive of your choice – meaning you can bring back potentially compromised information without risking it falling into the wrong hands again.
You need a robust security setup to avoid ransomware at its worst – but always have a cloud backup plan in place to help you bounce back.