You and a ransomware resilient back-up

by
ransomware resilient back-up diagram

Ransomware Back-ups and You

I want to take a little time today to discuss some of the things you need to think about when it comes to ransomware and your backups. Previous articles in the series have concentrated mainly on the big picture, but today we have some small picture advice.

Ransomware Resilient Back-up

I am going to point you at my previous article which explains clearly what a ransomware resilient back-up consists of:

What exactly do I mean when I say “ransomware resilient back-up”?

This is your absolute minimum requirement to protect your organisation from ransomware. If your data is encrypted – you can go to this back-up and retrieve your information, without paying a ransom. This advice is in line with the advice given by The National Cyber Security Centre. (NCSC, 2022)

But a ransomware resilient back-up is not going to be effective if not all your important information is included.

Back-up everything – That is a ransomware resilient back-up

It sounds obvious, but many, many times when we discuss back-ups with new clients we discover some vital store of information that has been missed from the organisation’s resilient back-up plan (Richardson and North. 2017).

Here are the two most frequent offenders:

Accounting and payroll software

Often either not backed-up or just backed-up onto portable USB memory sticks carried in the user’s work bag. No reporting or accountability at all. This data is not normally encrypted in an attack – although I have not checked this extensively and who knows what the threat actors will encrypt tomorrow – the issues arise when the accounting machine is the source of the malware attack.

You will need a resilient back-up plan for that data.

Windows Desktops

Probably the most forgotten storage location and most abused by users. (Take a moment and look at your computer desktop and see how much important information you have stored there. Or are you one of the minority who has a clean desktop?)

You and a ransomware resilient back-up Cyber Awake
My clean desktop

So here are two tips for making sure that desktop information is backed up:

  • Create shortcuts to folders that are included in the back-up. On my desktop I have a shortcut to a folder in SharePoint (which is backed-up) where I keep my reading and research – something I use everyday.
  • Microsoft 365 for Business includes a local setting that will back-up a desktop. You find it here:
    • Open the company OneDrive settings locally.
You and a ransomware resilient back-up Cyber Awake
  • Go to “Manage back up”
You and a ransomware resilient back-up Cyber Awake
  • Select the locations you want included in your OneDrive sync and Microsoft 365 back-up.
You and a ransomware resilient back-up Cyber Awake

Training and Policies and Procedures

Your take aways from this when it comes to ransomware and back-ups

Someone needs to check:

  • If your team are saving files to their desktops
  • You either need to train your team on NOT saving to their desktops (good luck with that) – or have a way of backing up those desktops.
  • If you use Microsoft 365 for Business, then train your team in the above procedure – feel free to use my graphics.
  • Circulate your policies and procedures on where you want data saved.

Now you have to check two more things:

  • Remember Microsoft 365 cloud storage is not a back-up. Microsoft in describing the “shared responsibility” makes it clear that users are responsible for their own data (Lanfear. 2022). So how do you back-up your company Microsoft 365.
  • Check that all your other vital information systems are backed-up, for example accounting and payroll, factory control data, CAD and CNC files, websites and website data, etc..

Next

Which systems?


Clive Catton MSc (Cyber Security) – by-line and other articles

References

NCSC. (2022). Offline backups in an online world. NCSC. Retrieved November 30, 2022, from https://www.ncsc.gov.uk/blog-post/offline-backups-in-an-online-world

Lanfear, T. (2022). Shared responsibility in the cloud. Microsoft Learn. Retrieved February 20, 2023, from https://learn.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility

Richardson, R., & North, M. M. (2017). Ransomware: Evolution, mitigation and prevention. International Management Review13(1), 10.

Further Reading

The rise and fall of removable media

Ransomware Mini-Series (2023)

This is part 7 of my ransomware mini-series:

Ransomware: Is it a Threat? (Part 1)

A Bag of Spanners – Planning and Preparation (Part 2)

Minimise the Damage – Planning and Preparation (Part 3)

Detecting Ransomware (Part 4)

Ransomware – What Not To Do! (Part 5)

Ransomware – The Impact (Part 6)

Contact us for consultation

Wake up to cyber threats..

You and a ransomware resilient back-up Cyber Awake
HQ Based between Newark and Lincoln

Get in touch

CyberAwake
Unit 2 Kingsley Court
Kingsley Road
Lincoln
LN6 3TA
United Kingdom

01522 508089

useful links

Website Cookies Icon

This website uses cookies to ensure you get the best experience on our website. Click for more information.

accept & Close