Fight Ransomware With A Worthless Computer
Ransomware attacks are not new, but there has definitely been a recent surge in occurrences. Even as I write this blog, another huge attack has taken down several large companies across the globe! The monetary losses have been calculated in the billions, but for some people the data that was lost is priceless. The situation can be devastating for both businesses and individuals. While effective use of virus scanning software and religiously applying the latest security updates are good practices, they don’t guarantee your safety. If somehow, something slips by those layers of protection, are you prepared?
I had the unfortunate experience of interacting with a customer last week who had been affected by a ransomware attack. The results were devastating for their business. Not only were the majority of their servers and laptops completely unrecoverable, but their backups had been encrypted during the attack as well. They were stuck, unable to operate their business and the outlook was grim. Recovering their data was starting to look unlikely. They had two options – pay the extremely expensive ransom or kiss their data goodbye. It’s important to point out that this customer is a large corporation. They have a fully staffed IT department and a large infrastructure budget at their disposal. If this can happen to them, then it can happen to anyone!
Ransomware is not the only threat, there are still several other situations that might arise as well. Imagine going for dinner after work and someone stealing your laptop from your car. Imagine a fire in your home and suffering a complete loss of your computers and their data. These are really possible, and I have seen them happen on more than one occasion.
Armed with the realization that these situations can certainly happen to you, let’s explore how the cloud can limit your exposure. All of my data is stored in a variety of cloud services and really important data is duplicated onto external hard drives. No matter what – if my house burns down, if my laptop is stolen or damaged, or if I become a ransomware victim – I can get my machine back up and running in a couple hours. If I lose my machine, I simply go and buy another one. If I have a virus or ransomware, I simply reinstall my OS. That’s the majority of the inconvenience. Once I have a new machine or OS, I just need to install a few pieces of software and I’m back to normal. At the end of the day the actual laptop is worthless – completely disposable.
Cloud storage is so cheap, there is no need to discriminate with data. Don’t try to decide if you can handle losing some less important data in an emergency. I store everything in the cloud indiscriminately. I also use several different providers for hosting my data. Code is stored in online code repositories. Documents are stored in online cloud storage. Right now, this blog is being written in Google docs and is completely recoverable if my laptop spontaneously combusts. All my photos, business documents, email, everything… It’s all in the cloud.
What if a ransomware attack encrypts my cloud data? After all, some cloud storage providers offer native OS integration. You get a cool little folder that is accessible as if the files are stored locally on your hard drive. Can’t ransomware encrypt files being served up by these convenient OS integrations? Sure! However, that leads me to another great point about quality cloud storage! Any worthwhile provider includes version control. If a provider doesn’t offer version control, then you should not use their service. Once you get back up and running, you can log into the storage account through a web console and roll back the file versions to a time before they became encrypted. Travesty averted! This is contrary to some of the blogs written by guys over at Carbonite. However, they seem to have a biased opinion in order to sell their services and I’m not sure I completely agree.
It’s really important to understand that these things can happen to all of us. It’s not just something you hear about happening to someone else. With the recent events, it is time to start strategizing on how to keep your data safe. If you don’t, you are setting yourself up for a catastrophic event. The best countermeasure is to back everything up to the cloud and, of course, think before you click. Make your hardware completely useless and enlist cloud service providers as partners in your data’s security.