Will Your Cloud Data Be Safe From A Ransomware Attack

Will Your Cloud Data Be Safe From A Ransomware Attack

As cloud computing becomes more and more popular, people are increasingly wondering if it’s truly safe. After all, many high-profile corporate hacks have occurred in the last few years. Some of these have been incredibly devastating, so it’s a worthy question to ask.

It seems that many of the worst recent incidents have involved the use of ransomware, an insidious type of malware that locks the user out of their machine before demanding a large ransom payment. Let’s explore the question: Will the cloud protect you from ransomware?

Will Backups Solve The Problem Entirely?

As we have said before, efficient data backup can defeat a ransomware attack, but there is no guarantee that it will do so. When you get a message saying that your files have been locked, the first thing you should do is disconnect from the internet. Do not power down the machine, as this could destroy crucial evidence, but make sure you disconnect completely. The reasons for this will be explained later, so keep reading.

Many cloud providers will tout their automatic backup services as a “magic bullet” against ransomware. Their pitch makes good sense, in theory: When the hacker locks your files, you simply wipe the system and restore it from your most recent backup. In some cases, it is indeed that easy, but there is no real guarantee.

At the same time, data backup is a great tool to use against ransomware. In fact, it may even be the best weapon we have against this threat. Unfortunately, there are several ways in which hackers can work around your workaround.

When Backup Fails

So, when you do a cloud backup, that data is stored off-site. That means it should be protected from anything that happens locally, right? Well, here is the problem…not all cloud providers use the best security procedures, and not all of them are capable of resisting a dedicated attack. So, if the hacker wants to make sure you won’t be able to restore your system, they just have to hack your cloud provider.

Obviously, hacking a cloud provider is not an easy task, but we have found numerous instances in which it was done. Just a few months ago, a cloud provider called PCM was compromised by an unknown entity. These criminals seem to have been running a complex scam involving fake gift cards, and they needed a large amount of personal data to make it work. There seems to be some dispute as to whether or not any personal information was stolen, although PCM claims that it was not. Either way, there is no doubt that they breached the system, and that is enough to show that it can be done.

Always Use Versioning Options

Sometimes, your backup files can be infected automatically. In most cases, users will “sync” data to the cloud in much the same way as you might sync a mobile device. Any changes to your local files are quickly reflected in the backups, and the old versions are not retained. When things are set up in this way, your backups will not do you any good whatsoever. Once your files are encrypted by the hackers, the cloud will sync with the new state of those files, which means the backups will be similarly encrypted. That’s why we said that you should immediately disconnect if you see that dreaded ransom message.

That being said, there is a surer and more efficient solution to this problem. Instead of doing an automatic backup every hour or so, and having the old backups overwritten, you should look for a cloud provider that offers “versioning.” This is an option that allows you to retain your old backups rather than overwriting them. Thus, when the source files are encrypted, it will only result in the creation of a new “version.” Obviously, that version will be useless, but your next-most-recent backup will be intact.

Other Ways To Protect Your Backups

If you are dealing with high-security information, you want to take every possible step to ensure confidentiality. In some cases, you could even be legally liable if you fail to do so! So, to keep yourself out of court, you should always make sure that you have three backups of your system at any given time. Obviously, one of these will come from your cloud provider.

A manually-saved backup should also be stored offline. Even the best hacker cannot corrupt an offline machine…unless they somehow gain physical access. That’s why such machines need to be locked up tight and restricted to only the most trusted users. Finally, you need one other backup, and this can be done using any method other than the cloud. Obviously, both of your non-cloud backups need to be updated regularly and manually.

As a final step to ensure that things run smoothly, you should do a practice restoration or two. Start by backing up your system at all three locations, then delete your entire system. Your IT team will be tasked with restoring the whole system from backups, and you should track the amount of time it takes them to do the job. If any problems are encountered along the way, they can be dealt with immediately. The idea is to work out the bugs before a crisis happens, not afterward.

Conclusion

Protecting your data in the cloud can seem like a daunting task, but it all depends on your methods. If you follow the right precautions and work with the right business partners, a ransomware attack can be a bump in the road instead of a gaping pothole. If you need help with data backup, or if you just need expert computer IT services, you should call PCH Technologies today at (856) 754-7500.