In the fight against ransomware, Microsoft must do more

Not a day goes by that I don’t hear about some business or consultant affected by ransomware. Often, the incident starts with a phishing attack or from a vulnerability introduced by delayed patching. Or it could be a consultant tool that should have been coded better. Regardless of how it began, if you attempt to recover from a backup (assuming you have a viable one on hand) or pay the ransom and attempt to unencrypt your data, recovery will take time.

That’s time companies often don’t have.

Last week, the US government set up the Stopransomware website to help businesses, schools, and other organizations deal with ransomware attacks. Included in the guidance are recommendations regarding backing up:

“It is critical to maintain offline, encrypted backups of data and to regularly test your backups. Backup procedures should be conducted on a regular basis. It is important that backups be maintained offline, as many ransomware variants attempt to find and delete any accessible backups. Maintaining offline, current backups is most critical because there is no need to pay a ransom for data that is readily accessible to your organization.

“Maintain regularly updated ‘gold images’ of critical systems in the event they need to be rebuilt. This entails maintaining image ‘templates’ that include a preconfigured operating system (OS) and associated software applications that can be quickly deployed to rebuild a system, such as a virtual machine or server.

“Retain backup hardware to rebuild systems in the event rebuilding the primary system is not preferred. Hardware that is newer or older than the primary system can present installation or compatibility hurdles when rebuilding from images.

Copyright © 2021 IDG Communications, Inc.

Checkout latest world news below links :
World News || Latest News || U.S. News

Source link

Back to top button
SoundCloud To Mp3