{"id":2600,"date":"2017-09-14T08:00:41","date_gmt":"2017-09-14T08:00:41","guid":{"rendered":"https:\/\/tsisupport.com\/?p=2600"},"modified":"2021-07-19T01:01:00","modified_gmt":"2021-07-19T05:01:00","slug":"four-ways-ransomware-can-destroy-backups","status":"publish","type":"post","link":"https:\/\/tsisupport.com\/tsistaging\/?p=2600","title":{"rendered":"Cybersecurity Defense: The Best Protection Against Ransomware"},"content":{"rendered":"

I just found a very interesting blog post by Jerome Wendt, President & Lead Analyst of DCIG, Inc., an independent storage analyst and consulting firm.<\/p>\n

He started out with “The prevailing wisdom is that if you back up your data you can recover from a ransomware attack. While this premise generally holds true, simply backing up your data no longer provides an absolute guarantee that you can recover from a ransomware attack. Here are three techniques that ransomware may use to circumvent existing backups and make your \u201cgood\u201d backups bad.” And I have added number 4 at the end as a bonus.<\/p>\n

Finding and encrypting backups on network file shares<\/strong>.<\/span> Many backup products backup data to file shares accessible over corporate networks. Further, many organizations use the default directory name created by these backup products to store these backups. The default names of these directories are readily accessible in the documentation published by backup providers. Some creators of ransomware have figured this out. As part of their viruses that find and encrypt data on production servers, they also probe corporate networks for these default backup directories and encrypt the backups in these directories. In so doing, they increase the possibility that companies cannot recover from backups.<\/p>\n

Hacking the backup software\u2019s APIs.<\/strong><\/span>\u00a0A number of enterprise backup software products offer their own application programming interface (API). Using these APIs, organizations can write to them to centralize backup and recovery under their broader data center management platform. However, ransomware creators can also access these published APIs for nefarious purposes and used them to corrupt and\/or encrypt existing backup.<\/p>\n

Plant a ransomware \u201ctime bomb.\u201d<\/strong><\/span>\u00a0To date, when ransomware encrypts a company\u2019s data, the encryption generally occurs as soon as or shortly after it gets onto the corporate network. However, ransomware continues to evolve and mature and, as it does so, it grows both more patient and more insidious. Rather than encrypting data as soon as it breaches the corporate firewall, it begins to infect the data but does not immediate encrypt it. Then, only after days, weeks, or months go by and this infected data has been backed up for months does it initiate the encryption of the corporate data. In many respects, this is the worst type of ransomware attack. Not only is all of a company\u2019s production data encrypted, the company thinks it has \u201cgood\u201d backups and when it goes to restore the data, the restored data encrypts as well because it was infected when it was backed up. This may make it almost impossible for an organization to determine when it was initially infected and which of their backed up data they can reliably and confidently restore.<\/p>\n

Delete your Shadow copies<\/strong>.<\/span> You know about this one, several major strains have been doing this for a few years now, and are constantly improving this part of their malicious code.<\/p>\n

Wendt concluded: “Ransomware arguably represents one of the most insidious and dangerous threats that organizations currently face to the health of their data. The inability to access and recover from a ransomware attack may put the very survival of a company at risk. To counter this risk, many look to backup software as their primary means to recover from these attacks. But as ransomware takes aim at backup software,\u00a0organizations need to take a fresh look at their backup software<\/em>\u00a0to make sure that it has the right set of features to counter these newest forms of ransomware attacks to ensure they have a verifiable path to recovery.<\/p>\n

Source:<\/span> <\/strong>These sections were cross-posted with\u00a0grateful acknowledgement to DCIG & our partnership with KnowBe4.<\/a><\/p>\n

\n\t
\n\t\t\t\t\t\t\t\t
\n\t\t\n
\n\t\t\t
\n\t
\n\t
\n\t\t

\n\t\tConfident with Your IT Strategy?<\/span>\n\t<\/h2>\n\t<\/div>\n<\/div>\n
\n\t
\n\t\t
\n\t

If you found the information in this blog post helpful and you'd like to discuss your business' technology strategy, then we'd be happy to hear from you.<\/p>\n<\/div>\n\t<\/div>\n<\/div>\n

\n\t
\n\t\t
\n\t\t\t\n\t\t\t\t\t\t\tGet in touch with tsi<\/span>\n\t\t\t\t\t<\/a>\n<\/div>\n\t<\/div>\n<\/div>\n<\/div>\n<\/div>\n\t\t\t
\n\t
<\/div>\n<\/div>\n\t<\/div>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n<\/div>
<\/div>\n","protected":false},"excerpt":{"rendered":"

I just found a very interesting blog post by Jerome Wendt, President & Lead Analyst of DCIG, Inc., an independent storage analyst and consulting firm. He started out with “The prevailing wisdom is that if you back up your data you can recover from a ransomware attack. While this premise generally holds true, simply backing…<\/p>\n","protected":false},"author":4,"featured_media":8590,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"categories":[20],"tags":[79,242,270,129,107,21],"acf":[],"yoast_head":"\nCybersecurity Defense | The Best Protection Against Ransomware | TSI<\/title>\n<meta name=\"description\" content=\"Protect your data with this round-up of the best protection against ransomware. Simply backing up your data won't guarantee your business's safety.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybersecurity Defense | The Best Protection Against Ransomware | TSI\" \/>\n<meta property=\"og:description\" content=\"Protect your data with this round-up of the best protection against ransomware. Simply backing up your data won't guarantee your business's safety.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/tsisupport.com\/tsistaging\/?p=2600\" \/>\n<meta property=\"og:site_name\" content=\"TSI Support\" \/>\n<meta property=\"article:published_time\" content=\"2017-09-14T08:00:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-19T05:01:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/09\/Ransomware-Header.fw_-1140x380-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1140\" \/>\n\t<meta property=\"og:image:height\" content=\"380\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Chris Souza\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chris Souza\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2600\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2600\",\"name\":\"Cybersecurity Defense | The Best Protection Against Ransomware | TSI\",\"isPartOf\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2600#primaryimage\"},\"image\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2600#primaryimage\"},\"thumbnailUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/09\/Ransomware-Header.fw_-1140x380-1.png\",\"datePublished\":\"2017-09-14T08:00:41+00:00\",\"dateModified\":\"2021-07-19T05:01:00+00:00\",\"author\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/91ba4bc98e1a6b903424252af609a9ed\"},\"description\":\"Protect your data with this round-up of the best protection against ransomware. Simply backing up your data won't guarantee your business's safety.\",\"breadcrumb\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2600#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/tsisupport.com\/tsistaging\/?p=2600\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2600#primaryimage\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/09\/Ransomware-Header.fw_-1140x380-1.png\",\"contentUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/09\/Ransomware-Header.fw_-1140x380-1.png\",\"width\":1140,\"height\":380},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2600#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/tsisupport.com\/tsistaging\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity Defense: The Best Protection Against Ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/\",\"name\":\"TSI Support\",\"description\":\"TSI - Technical Support International\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/91ba4bc98e1a6b903424252af609a9ed\",\"name\":\"Chris Souza\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d9e77a32df062fd4d46c61b29b00f1be?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d9e77a32df062fd4d46c61b29b00f1be?s=96&d=mm&r=g\",\"caption\":\"Chris Souza\"},\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?author=4\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cybersecurity Defense | The Best Protection Against Ransomware | TSI","description":"Protect your data with this round-up of the best protection against ransomware. Simply backing up your data won't guarantee your business's safety.","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Cybersecurity Defense | The Best Protection Against Ransomware | TSI","og_description":"Protect your data with this round-up of the best protection against ransomware. Simply backing up your data won't guarantee your business's safety.","og_url":"https:\/\/tsisupport.com\/tsistaging\/?p=2600","og_site_name":"TSI Support","article_published_time":"2017-09-14T08:00:41+00:00","article_modified_time":"2021-07-19T05:01:00+00:00","og_image":[{"width":1140,"height":380,"url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/09\/Ransomware-Header.fw_-1140x380-1.png","type":"image\/png"}],"author":"Chris Souza","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Chris Souza","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2600","url":"https:\/\/tsisupport.com\/tsistaging\/?p=2600","name":"Cybersecurity Defense | The Best Protection Against Ransomware | TSI","isPartOf":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#website"},"primaryImageOfPage":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2600#primaryimage"},"image":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2600#primaryimage"},"thumbnailUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/09\/Ransomware-Header.fw_-1140x380-1.png","datePublished":"2017-09-14T08:00:41+00:00","dateModified":"2021-07-19T05:01:00+00:00","author":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/91ba4bc98e1a6b903424252af609a9ed"},"description":"Protect your data with this round-up of the best protection against ransomware. Simply backing up your data won't guarantee your business's safety.","breadcrumb":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2600#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/tsisupport.com\/tsistaging\/?p=2600"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2600#primaryimage","url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/09\/Ransomware-Header.fw_-1140x380-1.png","contentUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2017\/09\/Ransomware-Header.fw_-1140x380-1.png","width":1140,"height":380},{"@type":"BreadcrumbList","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2600#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/tsisupport.com\/tsistaging\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity Defense: The Best Protection Against Ransomware"}]},{"@type":"WebSite","@id":"https:\/\/tsisupport.com\/tsistaging\/#website","url":"https:\/\/tsisupport.com\/tsistaging\/","name":"TSI Support","description":"TSI - Technical Support International","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/91ba4bc98e1a6b903424252af609a9ed","name":"Chris Souza","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d9e77a32df062fd4d46c61b29b00f1be?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d9e77a32df062fd4d46c61b29b00f1be?s=96&d=mm&r=g","caption":"Chris Souza"},"url":"https:\/\/tsisupport.com\/tsistaging\/?author=4"}]}},"_links":{"self":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2600"}],"collection":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2600"}],"version-history":[{"count":0,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2600\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/media\/8590"}],"wp:attachment":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}