PHOTO CREDIT: FLICKR USER BEN PAL
While most organizations will agree their digital assets are just as important – if not more – than their physical ones, few organizations guard digital assets like they guard their physical assets. Beyond mission critical applications, data protection is typically a once-per-night event that rarely completes with 100 percent success.
Data monitoring and security is almost non-existent except for, again, the most mission critical applications.
The problem is that much of the digital assets are outside of those mission critical applications. Most employees create or edit dozens of documents on a daily basis. They also receive files such as electronically signed contracts, receipts and statements of work via e-mail. This may not be the master customer list, but it is data that the organization cannot reproduce at will.
This is the data that many decide to pay ransom to get back if the backup system cannot recover it or if the version of the data that is encrypted is radically different than the version that the backup system has stored.
Finally, determining which data is worth paying ransom for is a challenge within of itself. Most IT departments do not have the staffing or the time to compare every potentially encrypted file with the last known good backup.
Prevention is Impossible
Humans are required to be human, and can, therefore, be expected to make mistakes. New zero-day (original) exploits are discovered every day. It is hard to protect against an attack that has never happened before.
Obviously, IT should spend time making sure servers are up to date and vulnerabilities are eliminated. They should also make sure users are trained to not click on suspicious links. But the reality is that there is a limit to what IT can do.
It is very probable that most organizations will deal with a ransomware attack this year, and in many cases multiple attacks per year in the foreseeable future.