12-27-21 | Blog Post

How to Navigate a Ransomware Attack

Blog Posts

Ransomware is a leading cause of downtime today and can affect any industry at any time. For this reason, it is important to be prepared and implement the proper precautions to ensure the recoverability of your data. In order to protect your business from Ransomware it is important to employ these 5 tactics, commonly referred to as the 3-2-1-1-0 rule:

  • 3 copies of your data
  • 2 different media
  • one offsite
  • one offline
  • with zero errors after backup and recoverability verification

When Ransomware hits, the million dollar question is how do you get your data back so that you don’t have to pay? The answer is, hopefully you paid for the right backup solution. Let’s look at a scenario where we successfully navigate a Ransomware attack.

Ransomware Hits

Let’s say for example Ransomware infects a few VMs, maybe a file server and an exchange server. There are several ways to make sure the data is recoverable, but also that you can achieve granular restore.  The great thing about NewCloud and Veeam is that you can go into your VM and pick and choose which piece to restore.

Step One: Isolate the infected Machines

The first thing you want to do when your are hit with a Ransomware attack is to take the infected VMs off of your network so that the virus cannot spread.

Step Two: Alert the Authorities

When you are infected with Ransomware, it is urged to report these attacks to the proper authorities. The FBI has set up an Internet Crime Complaint Center in order to help with Ransomware and other Cyber attacks.

Check your Backups

Step 3: Deploy an On-Demand SandBox

Verify that you know your backups are recoverable before you start sending them offsite. To do this, Veeam allows you to spin up an On-Demand Sandbox.

This sandbox acts as a fenced off isolated network that does not affect production, IPs, or DNS. Within the sandbox, you can locate and test the last known backup copy by leveraging:

  • Non-disruptive storage snapshots
  • Secure deduped backup target
  • other copies using the 3-2-1 rule

Step 4: Leverage Sure Backup

Veeam Sure Backup allows you to automatically test and verify backups. SureBackup allows you to power on VMs and make sure they are not only bootable, but that they respond they way they need to. SureBackup can then provide you with an audit trail report, this allows you to know at what specific point in time your backup is recoverable. This way, you can move this backup offsite and know with certainty that it has zero errors.

Begin the Recovery Process

Step 5: Choose your Restore Option

With Veeam, granularity is not a challenge. As long as you have a backup and you have verified it and you know that it is valid, there are several ways to restore.

Restore the whole VM

Restore full VMs in minutes using your onsite backups.

Restore just what was infected

Go inside your VMs and crack open specific workloads that were affected by Ransomware. As granular of a restore as you need.

The Bottom Line

When it comes to Ransomware, data protection is important, but is only a piece the puzzle. In order to have complete protection from a Ransomware attack, you need to have recovery. Veeam and Otava offer total protection from Ransomware with both Backup and Recovery. Ensure the safety of your data and prevent unnecessary downtime by investing in a solution you can trust.

Overwhelmed by cloud chaos?
We’re cloud experts, so you don’t have to be.

© 2024 OTAVA® All Rights Reserved