Schrödinger’s Backup
By now, every right-minded company should have a decent backup solution in place. However, one ugly truth about backups is usually neglected: victims of ransomware often end up paying the hackers, even when they have done almost everything right from a backup perspective. But why would companies still pay for a key needed to decrypt their own systems?
Surely, organizations often have to pay to keep their data from spreading out into the wide world. That is not what this story is about. It is about companies underestimating the time it takes to bounce back from disaster.
Have you ever tested your backup? If not, you are not alone. Almost one in four companies never have. Regardless, a backup system that is not regularly tested is not really a backup, it is wishful thinking. If you never test your recovery system, you have no idea how long it is going to take to restore your data.
Bill Siegel, CEO of Coveware, puts it like this: “It can be [that they] have 50 petabytes of backups … but it’s in a … facility 30 miles away.… And then they start [restoring over a copper wire from those remote backups] and it’s going really slow … and someone pulls out a calculator and realizes it’s going to take 69 years [to restore what they need]. And then it’s like, “Oh god, how did we never think of this?” Well, you never practiced [restoring your data].”
This is not the only scenario where testing your backup is absolutely crucial. What if:
- You have off-site, encrypted backups, but the digital key needed to decrypt the backups is stored on the same local file-sharing network that gets encrypted by ransomware?
- The attackers manage to corrupt your backups as well?
- The software applications you use to do a restore are in the network that got encrypted?
In addition to testing, you should also develop a plan for prioritizing the restoration of critical systems needed to rebuild your network.
Don’t come up with a plan when it is too late. Have a strategy ready and regularly test your backups. If you just back up your data, hoping you will be able to recover in a timely manner, you are betting against Murphy.
Spoiler alert: Murphy usually wins.
Get in touch with one of our security experts
