Air-gapped Business Continuity: the last line against Ransomware

Ransomware is now one of the biggest threats to modern businesses today and research shows that 61% of UK organisations expect to see an increase in reportable Ransomware incidents throughout 2022.

With the above statistic, there is no doubt that Ransomware is one of the core drivers behind business data protection and a successful plan is critical in helping organisations get back online quickly without paying ransom fees.

The realities of paying the Ransom

Although organisations struck with Ransomware may be tempted to pay the ransom for a quick recovery, the process can be far more complicated for many reasons, and:

You may not get the data back – there is no guarantee that the hackers will hand over the encryption key and release the information. Some hackers have even been known to keep increasing the ransom after each payment.

Cyber Security experts have also gone on record to claim that even if the business does retrieve the key an 80% data recovery rate is optimistic.

The attackers will be more likely to strike again – if hackers know that their demands will be met, they are more likely to target an organisation. Some cybercriminals share or sell data between groups and your organisation will be listed as a paying company.

The attackers learn more about your business – in the negotiation process, you may have to share further details about your business and systems that could be exploited in future.

You are funding criminal activities – part of the allure of Ransomware for cyber-criminals is its profitability, and the more ransoms are paid, the more desirable the crime becomes. The more organisations pay the ransom, the higher the Ransomware demand will be overall.

It’s also safe to say that evoking a well-planned Business Continuity strategy is far less of a risk than paying the ransom. A backup solution utilising air-gapped storage is one of the most used and effective methods of data protection against Ransomware.

Air gaps vs Ransomware

Air-gapped data protection is where a copy of the data is held offline, disconnected, and inaccessible from the local network. Air gaps can be physical, using a removable storage device or logical, creating isolation by removing access from company networks.

This physical separation, which is often described as an air wall, makes it almost impossible for Ransomware to locate and encrypt the separated data.

It cannot view or encrypt air-gapped data, leaving a clean copy for data restoration without paying the Ransomware demand.

Removable storage such as tape and disk have the potential to be stolen and there is also the capacity for human error – a device could be left connected to the network or a regular backup forgotten.

Cloud-based Off-site backup protection

In our opinion, an off-site backup solution offers a more reliable form of data protection against a Ransomware attack than a storage media alternative. Services such as Veeam Cloud Connect can provide a regularly scheduled backup service that takes physical and virtual backups off-site, where they are secured in an air-gapped data centre location.

Cloud-based backup solutions can also be combined with Object Storage for an extra layer of data protection to an already air-gapped data set. Object storage provides immutability, which means once written to the disk, data cannot be re-written and provides an impervious backup, should the Ransomware somehow manage to bridge an air-gapped wall.

Need some advice?

If you’d like to find out more about how we can help secure your business data against Ransomware, you can contact the team on +44 (0)3453 888327 or by emailing enquires@virtualDCS.co.uk.