A blog by Kurt Kiefer, CRO of virtualDCS.
Ransomware is a rapidly growing threat to modern businesses, but as the risk and severity of Ransomware continue to grow, so do the tools that are available to protect against it.
We believe that technology from virtualDCS and Veeam combined offers the best option for preventing Ransomware attacks and we’ll explore why in this blog post.
What is Ransomware?
Ransomware is a form of malware which prevents users from accessing their devices and the data stored on them, generally by encrypting the files. The hackers will then demand a ransom in exchange for the decryption key.
This is where virtualDCS and Veeam can help – utilising our services, including Veeam Cloud Connect Backup, ensures that your information is regularly and securely protected in off-site data centres. This means that in the event of an attack, you can simply restore data from the backup to avoid paying the ransom. Not only is this a more cost-effective and reliable option, but it also avoids supporting criminal activities.
You can read more about this in our blog ‘Air-gapped Business Continuity: the last line of defence against Ransomware’.
How does Ransomware work?
There are 3 main stages of a Ransomware attack:
- Access – Attackers gain access to the organisation’s network to establish control and plant malicious encryption software. While they’re doing this, they may also take copies of your data and threaten to leak it unless financial payment is made.
- Activation – The malware is then activated, locking devices and encrypting data across the network.
- The demand – You’ll then usually receive an on-screen notification detailing the cost of the ransom and how to make the payment to regain access to the information. Payment is usually demanded via an anonymous web page, usually in a cryptocurrency such as Bitcoin.
Unfortunately, even if you pay the ransom, there is no guarantee that you will regain access to your data. This is where Disaster Recovery solutions become crucial and with the help of virtualDCS and Veeam, you can ensure that your data is backed up and recoverable.
By implementing a comprehensive Disaster Recovery strategy and regularly backing up your data, you can mitigate the risks associated with Ransomware and protect your business from potential data loss.
How Can I Protect Myself from Ransomware?
According to the National Cyber Security Centre, there are four actions that companies – no matter their size – should take.
We’ve summarised the advice below:
1) Take Regular Backups
Having access to up-to-date backups is one of the most effective ways of recovering from a Ransomware attack. Organisations should:
- Take regular backups of the most important data (this information will differ for each organisation).
- Ensure you know how to effectively restore data from the backup.
- Regularly test that the backup recovery process is working as expected.
As Ransomware crawls and targets all connected networks and systems, organisations should also ensure that an offline backup is created and kept in a separate location. Some Ransomware has also been known to actively target backups to increase the likelihood of payment, so air-gapped separation is essential.
Organisations also need to explore using different storage locations and taking multiple backups across different solutions to mitigate any hardware failures during a recovery process. If a removable device is used as a backup point, it also needs to be removed from the main network, as many attackers will also target connected backup devices.
2) Prevent malware delivery and cross contamination
To help prevent malicious content from reaching your devices, organisations should deploy advanced filtering to block file types and websites that are known for suspicious activities. Protection methods include:
- Using mail filtering technology to block malicious emails and remove executable attachments. virtualDCS can provide this service through our ‘CloudCover Cyber Protect’ solution, as we partner with Vade to deliver leading AI-driven cyber protection.
- Disabling Remote Desktop Protocol (RDP) access if it is not utilised, as Ransomware is increasingly being deployed into organisations through these exposed services.
- Enable multifactor authentication (MFA) or Single Sign-on (SSO) across all remote access points and devices as standard.
- Organisations should use MFA to authenticate users and their logins. If malware steals credentials, then the hackers can’t reach any uncompromised accounts or disconnected networks. This is especially important for administration accounts.
3) Malware device prevention
It’s important to take a ‘defence in depth’ approach and assume that malware will reach your devices, so you need to be able to take steps to prevent malware from running. These methods will vary depending on the device types, but you should start by exploring device-level security features.
Organisations should:
- Centrally manage devices and permit trusted applications to run from authenticated app stores.
- Explore enterprise antivirus or anti-malware products, keeping the software and definition files up to date.
- Ensure employees keep devices configured and up to date, enabling automatic updates and installing security updates as soon as they become available, because attackers can exploit vulnerabilities and force code to execute on vulnerable devices.
4) Prepare for the worst
Ransomware attacks can be devastating for organisations, especially if data cannot be recovered. Data recovery in some instances may take several weeks, and during this time you are leaving your brand and corporate reputation on the line.
Utilising solutions such as CloudCover Shuttle can help to speed up the data recovery process, but it’s also important that your organisation:
- Identifies its critical assets and explores the impact of losing each one to ensure that core data is quickly recoverable.
- Always have a plan for attack and recovery – even if an organisation is not the target, it is possible to get caught in the crossfire.
- Develop an emergency communication system external to the network. The right information needs to be accessed by the right team members quickly in the event of a Ransomware attack. How will you do this without network access?
- Ensure you have a plan in place as to how you will respond to a Ransomware demand and the threat of confidential data being published.
- Understand your legal obligations regarding regulations and inform key stakeholders.
- Clarify the roles and responsibilities of each staff member and third party during a Ransomware attack. Ensure that they know their role within the recovery process.
To effectively recover from a Ransomware attack, it’s important to be able to answer the following:
- How long would it take to restore the organisation’s critical data?
- How could we operate business-critical services during the recovery?
- What is the minimum number of devices we can restore to return to productivity?
- Do we need to rebuild any environments or physical servers?
- Do we fully understand the recovery process we have in place for restoring from a backup?
- Do we have an incident management plan in place for after the recovery?
The above is just a summary of the full, comprehensive recommendations from the NCSC, but the main takeaway is that it is essential to have a robust Disaster Recovery plan in place that considers all potential scenarios, and we can help.
How can virtualDCS and Veeam help me?
Over the last 15 years, virtualDCS has grown and developed its Business Continuity platform on Veeam technology. Veeam is the engine at the centre of everything that we do, and we’ve now created a single pane of glass over the top to provide ease of use and efficiency.
As virtualDCS are an aaS company, our partners and their customers can spin up services within minutes with a simple click of a button and have clear visibility into their environments, as a whole rather than as individual products or data protection services.
virtualDCS allows economy of scale through our multi-tenanted environments that make Cloud computing affordable with no hidden charges. Solutions can be paid for monthly, enabling organisations to scale seamlessly.
We’re proud that virtualDCS Cloud solutions have been designed with Disaster Recovery (DR) and Business Continuity (BC) in mind. Our “immutable backups” feature ensures that even if Ransomware infects your systems, you can still recover your data from an earlier, uninfected state.
We use award-winning Veeam Backup and Replication software to make sure your data is protected at every stage of its lifecycle, whether on-premises, in the Cloud or across Cloud Connect and we can provide a range of recovery options, from instant VM recovery to “Object Storage” backup repositories.
The “Object Storage” option is particularly useful for customers who have large volumes of data to protect and utilises highly scalable and flexible Zadara storage resources, protecting data from any device, on-premises or in the Cloud.
Finally, our Cloud Connect option is ideal for customers who want to protect their data across different Clouds or to an offsite location, offering a method of accessing data from anywhere in the world, using an internet connection. If you have offices in different parts of the world or want to replicate data across multiple locations, this feature is perfect for you.
To sum up, virtualDCS and Veeam offer comprehensive and reliable protection against Ransomware, as well as Disaster Recovery and Business Continuity options that can be tailored to suit any business need. With our award-winning software, Veeam technology, Zadara Object Storage and Cloud Connect solution, we have everything you need to protect your business data.
Don’t wait until it’s too late – start preparing today by contacting virtualDCS.