In general, the predictions for next year are not rosy. Not even close. But this one was one that I have questions about because obviously having solid backups is one of the best ways to counter a ransomware infection, right?
4. Backups will be targeted. Again, cyber criminals are trying to do as much damage as possible to make organizations as desperate as possible and demand as much money as possible. Disabling, erasing and encrypting backups will hinder any attempts by organizations to recover. Standard data protection leaves organizations’ backups vulnerable and cyber criminals know it.
It makes sense, for the reasons Jim points out. Your ability to collect ransom payments is diminished if the organization has backups they can simply rebuild with. So, if you can find a way to lock not just the live data, but also the backups, you stand to make more money.
What I wonder is if this will cause organizations to look at that old-school offline backup option? Keep a copy of your data physically away from your network, locked in a drawer or closet, etc.
But, is that even feasible any longer? Is it really possible to take an offline backup every day to restore to? Are larger organizations even going to be able to find a point in time that makes sense? I kind of doubt it, which gets us back to the race between backup solutions and hackers. Can you keep the security of your backup solution ahead of the next ransomware targeted at it?
That’s ultimately the question, and I fear that the answer for too many is going to be no. Better prepare for even more disruptions. (Which is prediction #5 in the article below too)