By Richard Massey, South Africa and Israel regional sales director, Arcserve EMEA North
Massive. Unprecedented. A weapon of mass destruction. That’s how cyber security experts described the impact of the ransomware known as WannaCry that swept across the globe in recent weeks. In just a few hours, more than 99 countries were affected and 57,000 cases documented. And although healthcare providers were targeted in May’s attack, over the past few years UK universities and other educational institutions have also been hit hard.
With these high stakes, it’s even more important that data protected against ransomware attacks
IT teams in educational organisations have a tough job, often working across multiple campuses with diverse data centres that back up data independently. These teams are responsible for vast amounts of critical data: students can’t afford to lose their work and lecturers and teachers need their notes to teach effectively. Just like every business, bills and salaries have to be paid – impossible without crucial financial data. With these high stakes, it’s even more important that data protected against ransomware attacks.
When a system is breached, hackers lock down data until a ransom is paid. The more vital that data is to an organisation, the better. As the threat to schools, colleges and universities has increased, many have introduced sophisticated security solutions to protect themselves against an attack. However, there is always a chance that rogue malware may slip through. Once affected, many IT managers believe handing over a ransom is their only option for rapid resolution. There is an alternative and it’s already employed in many educational institutions.
Backup and recovery
Data protection and recovery solutions, implemented precisely for business continuity, are a key line of defence against ransomware. As part of a robust data protection strategy, they can restore timely data quickly.
Data can’t be held to ransom if another current copy can be easily recovered. The threat is defused: the hacker is powerless to demand any kind of payment for data that is no longer missing.
Getting to know your data
This level of protection relies on implementing the right strategy, and for that IT teams need to spend time getting to know their data. If the worst happens, and every single piece of data is lost, what would the team need to get the organisation up and running quickly? Which data is less critical?
Armed with this knowledge, teams can select which data must be backed up in real-time, which can be backed up less regularly, and how quickly each data set needs to be restored, making it much easier to set effective recovery point objectives and recovery time objectives.
As easy as 3-2-1
Following the golden 3-2-1 backup rule also helps in the fight against ransomware. This principle involves three separate backup copies: one physical, one off-site and one in the cloud. If one data set is hijacked, two further copies can be restored quickly and easily. If data can be recovered quickly, it’s never truly lost.
Test, test, test
An effective data protection strategy has testing as a top priority.
Regular and rigorous testing is the only way to make sure recovery runs as smoothly as possible and staff is ready to act if needed
It’s all very well making sure data is backed up and recoverable in theory, but if the worst happens and ransomware strikes, the IT team needs to know that all the recovery glitches have been ironed out, that they understand how to retrieve data without thumbing through the manual and that the data they’ll be restoring won’t be three days old.
Regular and rigorous testing is the only way to make sure recovery runs as smoothly as possible and staff is ready to act if needed.
Next is making sure everyone in the team knows their role if ransomware hits, that includes deputising if someone is out of the office and who’s called on in the evening or at the weekend. Educating all users about the risks of ransomware including the dangers of clicking on links in unsolicited emails and who to contact if they receive anything suspicious is essential.
Don’t be held to ransom
Ransomware attacks are becoming more common and they can wreak havoc on any organisation. In education, lost coursework could affect students’ overall grades with long-lasting implications. If teaching staff can’t access their plans, lectures and lessons will be below standard.
Hijacked accounting data means bills and staff go unpaid. However, a combination of educating staff and a strong backup and recovery strategy means that ransomware hackers will have to look somewhere else for their payday.