Not a day goes by that I don’t hear about some business or consultant affected by ransomware. Often, the incident starts with a phishing attack or from a vulnerability introduced by delayed patching. Or it could be a consultant tool that should have been coded better. Regardless of how it began, if you attempt to recover from a backup (assuming you have a viable one on hand) or pay the ransom and attempt to unencrypt your data, recovery will take time.
That’s time companies often don’t have.
Last week, the US government set up the Stopransomware website to help businesses, schools, and other organizations deal with ransomware attacks. Included in the guidance are recommendations regarding backing up: