Why is Ransomware Successful?

Ransomware has become a huge criminal enterprise valued now at many billions of dollars per year. Victims have spanned the spectrum from simple home users to multinational corporations. Although some home users and small businesses do not bother to backup at all, most victims thought that they had a good backup strategy.

Ineffective strategies include

  • backing up to a usb hard drive
  • backing up to a network shared drive
  • using shadow copies on the computer
  • using versioning software on the computer
  • using “bare metal” backup programs where the images is sent to a network share, network attached storage or usb hard drive
  • assuming anti virus software will stop the ransomware

The authors of ransomware have studied all of these strategies and have accounted for them in the software. Ransomware variants will seek out and destroy these backups often before destroying the primary copy

For a backup to be robust to ransomware it must

  • be to a different network segment
  • not use windows file sharing for transport
  • use versioning

A cloud backup solution, for example Carbonite does meet these requirements and will be resistant to ransomware. In deciding on cloud vs local backup, consideration must be given to the total size of the data to be backed up, the cost and the restore time.

What is Ransomware?

Ransomware is a malicious computer program that encrypts files on a victim’s computer. The objective is to demand a ransom of the victim. On payment of the ransom, the criminals say they will supply an antidote software program that will reverse the process