I Have Been Hit by Malware! Help, restore my data from Backup!

I Have Been Hit by Malware!  Help!

 

Cyber attacks like hacking and malware have been on the rise in recent years. What was more of a nuisance in the past has become a real threat to organizations and even governments. In most cases, the damage caused by these attacks can be mitigated or even avoided altogether by setting up an adequate back-up system.

Many attacks begin at what seems a fairly innocent stage: an email or a file you may wish to download. Once an email containing malware or an infected file is opened, the attack begins. Just recently, our company, Sytex, assisted in 2 separate instances with recovery from malware encryption, after a client was hit by malware or hacked.

There are 4 simple rules that should be followed to protect your business from hacking or malware attacks. Those rules will not necessarily guarantee that you will not fall victim to an attack but they can ensure that the disruption to your business operation will be as minimal as reasonably possible, minimizing data loss and work disruption. Below are the 4 simple rules we recommend following:

  1. Set up an adequate and safe back-up system.
  2. Ensure that all programs and operating systems are up-to-date.
  3. Purchase antivirus software that has Crypto Guard service and Tamper Protection, and ensure that they are properly set up and kept operational at all times.
  4. Set up and maintain an adequate firewall.

Most companies have not implemented these four simple rules yet.

In this article, I will discuss the first rule. The other rules will be discussed in a separate article that will be published on this web-site.

 

Setting Up an Adequate and Safe Back-up System

We all understand the purpose and importance of back-ups. However, I wish to expound on the topic of back-ups a bit and explain how a sufficiently adequate back-up system can help your business.

Electronic data can arrive at your network in many different ways. Password protection is not a substitute for back-up, nor will just any type of back-up system be sufficient protection for your business. Hackers may be able to track your keystrokes to discover your password, or gain access to your network when you log into the internet through a web browser. Once access is gained, they will have access to any back-up system that is connected to your network. This will allow them to encrypt or corrupt the files stored in your back-up system. A combination of isolation and separate storage is the only way to ensure your backed-up files are secure.

A sufficiently adequate back-up system requires that you create a Disaster Recovery Plan (“DRP”).  The DRP should include storage of back-ups in two physically separate locations (separate storage), not connected to your network (isolation).

When creating a DRP, you should consider the time it takes to back up all your important data, how frequently your data is backed up, and the time it will take to retrieve and restore the data that you backed up in case the worst comes to pass.

If you become a victim of Malware, Ransomware, Hack, Hardware Failure or natural disaster and you don’t have back-ups, there is simply no recovery solution. If you do have back-ups, you will be able to successfully recover everything, either to the existing system or a new system.  

Many people are not aware that some of the modern back-up systems currently available are so advanced that they can run in the background every 15 minutes, every 30 minutes or every hour, without any significant loss of performance to your network. This is referred to as “continuous back-up”. I am often asked if frequent back-ups will block traffic or cause a bottleneck. The answer is that it depends on the type of back-up system. Some back-up systems, especially modern ones, are so advanced that they will only back up changes that are made to your data. In other words, the system will not back up all the data, all the time. Rather, it will store all your data once and subsequently back up only the changes to your data. This minimizes the strain on your systems while allowing for more frequent and quicker back-ups. I’ve tested it myself and I can attest to the fact that it works very well and with limited interruptions.

A common misconception is that a continuous back-up system is very expensive and is reserved for big businesses that can bear the high costs of such back-up systems. This is simply not true. A back-up of one server can be as inexpensive as buying a cup of coffee a day.

Another reason people cite for not investing in a good back-up system is that the business has insurance and they can afford to wait a couple of days.  Although technically true, this is often not a good solution. Assuming that your back-up system is checked regularly and is operational (which is not always the case), you should still consider the actual cost of having your business shut down.

Let’s calculate the cost for each day your business is shut down due to network failure, which is the time it can take to recover data for a small business with a standard back-up. Recovery for bigger businesses takes even longer and incurs bigger losses. To that end, consider the next three examples of back-up solutions. As you will see, option A is inadequate, option B is a workable solution but has its drawbacks, and option C is the best of them (and I wish all business owners had it).

Option A – On-Site Back-ups

Several years ago, this was an acceptably good back-up solution, and it worked successfully. This type of back-up solution entails attaching a hard drive to the server and having your system copy all of your data to that hard drive periodically. Once a back-up is made, the hard drive is replaced with another, and the hard drive that contains the backed-up data is stored somewhere, disconnected from your network. On-site back-ups are traditionally run overnight because they require replacing hard drives. Running them during work hours will usually mean disruption to the business operation. Ransomware can encrypt data on the server and can also encrypt data on the hard drive while it is connected to the network. Therefore, in those cases where back-up is done overnight, you would only be able to restore data from the previous day. All data added to the system since then will be lost in case of catastrophic failure. If that is acceptable to you, it will work for you. However, most businesses, even small ones, will find this unacceptable. If you are unsure what type of back-up system you have (if any) or how frequently your data is backed up, you can contact our company and we will be able to provide you with answers.

 

Option B – Cloud Stored Back-up

Cloud stored back-up means that data can be backed up more frequently than with on-site back-up because it does not require replacing hard drives. Therefore, it is less disruptive to your business operation. The downside of this system is data recovery once system failure occurs. Restoring caches of data will take seconds, but restoring large amounts of data (which is required in most catastrophic failures) will take much longer. It can take hours or even days. For example, if you have a high-speed internet connection of 100 Mbit/s (which is considered very high and above average for normal consumers), restoring even a relatively small amount of data of 500 GB will take about 12 hours. If you know the size of the data you need to back up and you wish to check the time it will take you to restore it, you can use the following website to get an estimate – https://www.download-time.com/ . Restoring the raw data, however, is not enough. You also need to restore your network based on that data. Restoring your network can take several additional hours, in addition to the retrieval time. As such, even a small business is looking at a downtime of about 16 hours. That is 16 work hours, or two business days. Can you really afford to shut down your business for 2 whole days?

 

Option C – Cloud and On-site combined

This is the best back-up solution for most businesses today. As the name suggests, this method incorporates both of the abovementioned methods to create a hybrid that combines the best of both systems. Furthermore, and contrary to common belief, this is actually an inexpensive solution. This method has nominal recovery time, while ensuring minimal data loss (if any at all).

How? – By adopting a solution tailored to your needs that may include on-site back-ups, frequent cloud back-up that stores more than just the most recent changes (permitting recovery at a point in time of your choosing), virtual private networks on a cloud that act as a temporary substitute for your own network hardware in case of catastrophic hardware failure, with layers of security, and more.
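The change-only back-up and point-in-time recovery described above, as an added sketch that is not Sytex's product code: `SnapshotStore`, the in-memory blob store and the sample files are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


class SnapshotStore:
    """Toy incremental backup: each blob is stored once, one manifest per run."""

    def __init__(self):
        self.blobs = {}      # sha256 hex -> content (hypothetical in-memory store)
        self.snapshots = []  # one {relative path: sha256 hex} manifest per run

    def backup(self, root):
        """Snapshot `root`; return how many files had content not stored before."""
        manifest, stored = {}, 0
        for path in sorted(Path(root).rglob("*")):
            if not path.is_file():
                continue
            data = path.read_bytes()
            digest = hashlib.sha256(data).hexdigest()
            if digest not in self.blobs:  # unchanged content is not copied again
                self.blobs[digest] = data
                stored += 1
            manifest[str(path.relative_to(root))] = digest
        self.snapshots.append(manifest)
        return stored

    def restore(self, index, dest):
        """Write every file of recovery point `index` under `dest`."""
        for rel, digest in self.snapshots[index].items():
            target = Path(dest) / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(self.blobs[digest])


def demo():
    """Constructed sample data: two backups, a bad overwrite, then a rollback."""
    store = SnapshotStore()
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as out:
        ledger, notes = Path(src) / "ledger.csv", Path(src) / "notes.txt"
        ledger.write_bytes(b"id,amount\n1,100\n")
        notes.write_bytes(b"quarterly notes\n")
        first = store.backup(src)        # initial full copy: 2 files stored
        ledger.write_bytes(b"id,amount\n1,100\n2,250\n")
        second = store.backup(src)       # only the changed file is stored
        for path in (ledger, notes):     # stand-in for files left unreadable
            path.write_bytes(b"UNREADABLE:" + path.name.encode())
        third = store.backup(src)        # the damaged versions are backed up too
        store.restore(1, out)            # roll back to the last good recovery point
        return first, second, third, (Path(out) / "ledger.csv").read_bytes()
```

The third run faithfully backs up the damaged files, so recovery depends on older recovery points being retained and on the store being isolated from the network, as required earlier in the article.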

Our experts at Sytex offer the best back-up solution available on the market. You can recover data in minutes and can get one or more files in a second to your computer/server or to any staff members. We offer back-ups that are tested and checked on a daily basis.

The following are common elements of a hybrid back-up system that we employ for our clients. However, keep in mind that this is not an exhaustive list. We do not fit our clients into our pre-prepared back-up systems. Rather, we tailor our back-up systems to each client’s needs, based on their own individual requirements.

 

Hybrid On-Premise and Cloud Data Protection

To virtualize and run a protected server with Hybrid Virtualization, Backup initializes a virtual machine (VM) for that server in the secure Cloud.

Then the Backup automatically connects that VM in the Cloud to the local network through the Backup, using a secure VPN tunnel.

 

Restore Granular Files, Folders, and Application Data

No matter where you are, you can recover files and folders from any protected server or workstation, from any point in time.

The intuitive, familiar Backup Partner Portal features a simple, powerful utility for browsing the complete file structure for any recovery point in time. Even better, you can perform searches to find exactly what you need.

 

Full-server Instant Failover to the Cloud

This back-up system protects systems from site-wide outages using instant off-site virtualization.

In the event of a local disaster such as a fire or flood, the entire network can be recreated in the secure Cloud in a matter of minutes. Secure connections are provided to employees and a business can resume normal operations.

 

Unique, Automatic Ransomware Detection and Alerting

Ransomware, like most illicit software, leaves an identifiable footprint as it takes over a server, PC or laptop. If ransomware is detected, Backup notifies admins that they have a likely ransomware attack on their hands. From there, recovery is simply a matter of restoring from a previous backup. Stop worrying about ransomware and get back to business fast.

 

Don’t Pay the Ransom: Roll back servers to moments before Ransomware attacks

If ransomware is detected, Backup notifies admins that they have a likely ransomware attack on their hands. From there, recovery is simply a matter of restoring from a previous backup. Stop worrying about ransomware and get back to business fast.

 

Instant Hybrid Virtualization Gets Critical Servers – and You – Back in Business Right Away

To virtualize and run a protected server with Hybrid Virtualization, Backup initializes a virtual machine (VM) for that server in the secure Cloud. Then the Backup automatically connects that VM in the Cloud to the local network through the Backup, using a secure VPN tunnel.

 

If you are interested in hearing more about back-up solutions that may suit you, please feel free to contact us and our experts will be delighted to answer all your questions, discuss your individual needs, and offer suggestions on how you can improve your network.

We also invite you to read our other articles on how to secure your network, and in particular, the articles covering Rules 2, 3, and 4.