We hear about ransomware attacks all the time. We feel awful for the people who have lost all their pictures. Or the company that has to pay a small fortune to prevent their sensitive data from being leaked with questionable results of recovery even if they pay the ransom. Surely it must be difficult to protect against these types of attack?
No, it is not at all difficult to protect yourself against the majority of these attacks. There is no magic bullet or protective blanket that will completely protect you, but your risks of getting a ransomware are far reduced if you do basic cyber hygiene such as keeping your computer up to date. And another key component with cyber hygiene is making sure your data is backed up to multiple offsite locations. Why? If your data only exists on one local hard drive, if something gets comprised, you lose that system and all your data. There is no way to recover your data. If you back up a local drive what happens if there is a fire or flood? Your data is gone again. If you back up to the cloud, then if something happens locally you can just restore to a new computer and be good to go. However, backups have to be protected as well. Always make sure your backups are encrypted at an appropriate level.
The piece that gets tricky is how often to backup. If you have 5 days worth of backups and the attacker is in your environment for 30 days then every time you restore, you will be bringing your attacker back into your environment. You need to have a decent amount of backups so that you do not only have one choice when trying to recover from an attack. What this means for ransomware attacks is that you may be able to restore your data and not have to worry about paying the ransom.