I Have Been Hit by Malware! Help restore my data from Backup!

Cyber attacks like hacking and malware have been on the rise in recent years. What was more of a nuisance in the past has become a real threat to organizations and even governments. In most cases, the damage caused by these attacks can be mitigated or even avoided altogether by setting up an adequate backup system.

Many attacks begin at a fairly innocent stage: an email or a file you may wish to download. Once an email containing malware or an infected file is opened, the attack begins. Just recently, Sytex assisted two separate customers in recovering from malware encryption after they were hacked.

There are four simple rules that should be followed to protect your business from hacking or malware attacks. Those rules will not necessarily guarantee that you will not fall victim to an attack, but they can ensure that the disruption to your business operation will be as minimal as possible, minimizing data loss and work disruption. Below are the four simple rules we recommend:

  1. Set up a safe backup system.
  2. Ensure that all programs and operating systems are up to date.
  3. Purchase antivirus software that has a Crypto Guard service and Tamper Protection, and ensure that they are properly set up and kept operational at all times.
  4. Set up and maintain an adequate firewall.

In this article, I will discuss the first rule.

Setting Up a Safe Backup System

We all understand the purpose and importance of backups. However, I wish to expound on the topic of backups and explain how a sufficiently adequate backup system can help your business.

Electronic data can arrive in your network in many different ways. Password protection is not a substitute for backup, nor will just any type of backup system be sufficient protection for your business. Hackers may be able to track your keystrokes to discover your password, or gain access to your network when you log into the internet through a web browser. Once they gain access, they will have access to any backup system that is connected to your network. This will allow them to encrypt or corrupt the files stored in your backup system. A combination of isolation and separate storage is the only way to ensure your backed-up files are secure.

A sufficiently adequate backup system requires that you create a Disaster Recovery Plan (“DRP”). The DRP should include storage of backups in two physically separate locations (separate storage), not connected to your network (isolation).

When creating a DRP, you should consider the time it takes to back up all your important data, the frequency your data is backed up, and the time it will take to retrieve and restore the data that you backed up in case the worst comes to pass.

If you become a victim of malware, ransomware, a hack, hardware failure, or a natural disaster and you don’t have backups, there is simply no recovery solution. If you do have backups, you will be able to successfully recover everything, either to the existing system or a new system.  

Many people are not aware that some of the modern backup systems currently available are so advanced that they can run in the background every 15 minutes, every 30 minutes, or every hour, without any significant loss of performance to your network. This is referred to as “continuous backup.” I am often asked if frequent backups will block traffic or cause a bottleneck. The answer is that it depends on the type of backup system. Some backups, especially modern ones, are so advanced that they will only back up changes that are made to your data. In other words, the system will not back up all the data, all the time. Rather, it will store all your data once and subsequently back up changes to your data. This minimizes the strain on your systems while allowing for more frequent and quicker backups. I’ve tested it myself and I can attest to the fact that it works very well and with limited interruptions.

A common misconception is that a continuous backup system is very expensive and is reserved for big businesses that can bear the high costs of such backup systems. This is simply not true. A backup of one server can be as inexpensive as buying a cup of coffee every day.

Another reason people cite for not investing in a good backup system is that the business has insurance and they can afford to wait a couple of days. Although technically true, this is often not a good solution. Assuming that your backup system is checked regularly and is operational (which is not always the case), you should still consider the actual cost of having your business shut down.

Let’s calculate the cost for each day your business is shut down due to network failure, which is the time it can take to recover data for a small business with a standard backup. Recovery for bigger businesses takes even longer and incurs bigger losses. To that end, consider the next three examples of backup solutions. As you will see, option A is inadequate, option B is a workable solution but has its drawbacks, and option C is the best one (and I wish all business owners had it).

Option A – On-Site Backups

Several years ago, on-site backups were an acceptable solution, and they worked successfully. This type of backup solution involves attaching a hard drive to the server and having your system copy all of your data to that hard drive periodically. Once a backup is made, the hard drive is replaced with another, and the hard drive that contains the backed-up data is stored somewhere, disconnected from your network. On-site backups are traditionally run overnight because they require replacing hard drives. Running them during working hours will usually mean disruption to the business operation.

Ransomware can encrypt data on the server and can also encrypt data on the hard drive while it is connected to the network. Therefore, in those cases where backup is done overnight, you would only be able to restore data from the previous day. All data added to the system since then will be lost in case of catastrophic failure. If that is acceptable to you, this option is fine. However, most businesses, even small ones, will find this unacceptable. If you are unsure what type of backup system you have (if any) or how frequently your data is backed up, you can contact our company and we will be able to provide you with answers.

Option B – Cloud Stored Backup

Cloud-stored backup means that data can be backed up more frequently than with on-site backup because it does not require replacing hard drives. Therefore, it is less disruptive to your business operation. The downside of this system is recovering your data once a system failure occurs. Restoring caches of data will take seconds, but restoring large amounts of data (which is required in most catastrophic failures) will take much longer. It can take hours or even days. For example, if you have a high-speed internet connection of 100 Mbit/s (which is considered very high and above average for normal consumers), restoring even a relatively small amount of data of 500 GB will take about 12 hours. If you know the size of the data you need to back up and you wish to check the time it will take you to restore it, you can use this website to get an estimate.

Restoring the raw data, however, is not enough. You also need to restore your network based on that data. Restoring your network can take several hours on top of the retrieval time. As such, even a small business is looking at a downtime of about 16 hours. That is 16 work hours or two business days. Can you really afford to shut down your business for 2 whole days?

Option C – Cloud and On-site combined

This is the best backup solution for most businesses today. As the name suggests, this method incorporates both of the abovementioned methods to create a hybrid that combines the best of both systems. Furthermore, and contrary to common belief, this is actually an inexpensive solution. This method has nominal recovery time, while ensuring minimal data loss (if any at all).

How? By tailoring a solution to your needs that may include on-site backups, frequent cloud backups that store more than just the most recent changes (permitting recovery to a point in time of your choosing), or virtual private networks in the cloud that act as a temporary substitute for your own network hardware in case of catastrophic hardware failure, with layers of security.

Our Sytex experts offer the best backup solution available on the market. You can recover data in minutes and can get one or more files in a second to your computer or server, or to any staff member. We offer backups that are tested and checked on a daily basis.

The following are common elements of a hybrid backup system that we employ for our customers. However, keep in mind that this is not an exhaustive list. We do not fit our customers into our pre-prepared backup systems. Rather, we tailor our backup systems to each customer’s needs based on their own individual requirements.

Hybrid On-Premise and Cloud Data Protection

This system virtualizes and runs a protected server with hybrid virtualization. The backup initializes a virtual machine (VM) for that server in the secure cloud.

Then the backup automatically connects the VM in the Cloud to the local network, using a secure VPN tunnel.

Restore Granular Files, Folders, and Application Data

No matter where you are, you can recover files and folders from any protected server or workstation, from any point in time.

The intuitive, familiar Backup Partner Portal features a simple, powerful utility for browsing the complete file structure from any recovery point in time. Even better, you can perform searches to find exactly what you need.

Full-server Instant Failover to the Cloud

This backup system protects systems from site-wide outages using instant off-site virtualization.

In the event of a local disaster such as a fire or flood, the entire network can be recreated in the secure cloud in a matter of minutes. Secure connections are provided to employees and the business can resume normal operations.

Unique, Automatic Ransomware Detection and Alerting

Ransomware, like most illicit software, leaves an identifiable footprint as it takes over a server, PC, or laptop. If ransomware is detected, the backup notifies admins that they have a likely ransomware attack on their hands. From there, recovery is simply a matter of restoring from a previous backup. Stop worrying about ransomware and get back to business fast.

Don’t Pay the Ransom: Roll Back Servers to Moments Before the Ransomware Attack

If ransomware is detected, the backup notifies admins that they have a likely ransomware attack on their hands. From there, recovery is simply a matter of restoring from a previous backup. Stop worrying about ransomware and get back to business fast.

Instant Hybrid Virtualization Gets Critical Servers – and You – Back in Business Right Away

To virtualize and run a protected server with Hybrid Virtualization, the backup initializes a VM for the server in the secure Cloud. Then the backup automatically connects the VM in the cloud to the local network, using a secure VPN tunnel.

If you are interested in hearing more about backup solutions that may suit you, please feel free to contact us. Our experts will be delighted to answer all your questions, discuss your individual needs, and offer suggestions on how you can improve your network.
