How Canadian organizations can combat ransomware attacks

In recent months, hackers have targeted provincial governments as well as Canadian hospitals with high-profile ransomware attacks, often taking e-mail systems offline and making records more difficult to access.

These attacks aren’t isolated – organizations around the world have increasingly been the victims of ransomware attacks over the past year. Large insurance companies, military contractors and healthcare providers have all been victimized.

Late last year a network of three hospitals in Alabama was forced to divert non-emergency patients to other hospitals after a suffering from a ransomware attack. Unfortunately, those hospitals were only able to recover their systems by paying the ransom. They simply weren’t ready to deal with that sort of disaster.

For large organizations today, it’s not a matter of ‘if’ they’ll be hit by a ransomware attack. It’s a matter of ‘when’. Unfortunately, many are still not prepared to deal with cyberattacks. Installing firewalls and anti-virus software isn’t enough.

An in-depth defence with the ability to quickly identify possible threats, recover systems and data is a necessity if organizations want to avoid costly downtime and delays.

Following are some tips on how Canadian organizations can better protect themselves from ransomware attacks.

• Build an IT security perimeter that includes firewalls, anti-virus and anti-malware tools. Make sure you include your endpoints in that perimeter!
• Educate your staff on common phishing methods to lower the risk of malware/ransomware infections.
• Have a backup solution in place that can quickly find and restore a good version of your data in the event of an attack. You also need to ensure that your backup locations are secured from a ransomware or malware threat. If the initial threat manages to erase or infect your backups, then your backups aren’t going to be any help.
• Look for backup solutions that can track patterns in your data using artificial intelligence and machine learning, recognize when an abnormal event occurs and alert your IT team to investigate. This can help identify and prevent a ransomware attack from spreading throughout your IT infrastructure.
• Make sure you can recover data across various clouds and hypervisors, so you can get your systems back on-line quickly. Your original data location may not be safe, so you need to be able to recover your data to an alternate location.
• Turn to the cloud if you don’t have the resources for a backup data centre of your own. Backup solutions can encrypt data in transit and at-rest, keeping sensitive information secure no matter where it resides.
• Perform disaster recovery tests on a regular basis to ensure the procedures and systems you have in place work as well in practice as they do in theory. Make sure your disaster recovery plans include a strategy on dealing with ransomware incidents
• Paying the ransom may seem like the easiest way out of a difficult situation, but cybersecurity and law enforcement professionals advise against any kind of payment.  There’s no guarantee the data will be unlocked, and even if it is there’s no guarantee it will be usable.

Matt Tyrer is Commvault’s Senior Manager, Solutions Marketing – Americas