FAQ - Ransomware Attacks, Keeping Data Safe and Recovery

 
Ransomware Attacks
 
Is my data safe?
Yes, we keep a backup of your data in a form that cannot be accessed or compromised. In the event of successful attack we would restore your data from backup to a point in time before the attack.
 
Can an attack be prevented?
Yes it can, but to do this relies on good discipline and good working practice from both us and you.
 
For our part we apply all essential patches that get released by Microsoft automatically to machines in our data center (unless the customer asks us not to). We also update virus definitions daily and use an enterprise strength mail scanner to keep suspect emails out.
 
Despite this there is still a risk. The virus and mail scanners mentioned above essentially play catch up with the attackers, as new ways are found to attack computers the vendors release updates to block them. This means there can be a short period of time when you are at risk. These ransom attacks are not really that sophisticated, the term hacking is used which suggests the attacker has found some ingenious way to break in, whereas in most cases they rely on catching users off guard.
 
The easiest way into an organisation’s IT systems is via email, most people receive external emails and many of these will have attachments. Sending email attachments is the most popular way attackers get malicious software onto computers, typically by sending a document containing macros.
 
Ideally you would not allow emails with an attachment, but in the real world this is difficult. So the next best thing to do is educate users not open emails / attachments from sources that you do not trust. In addition products such as Microsoft Office and Adobe Reader are usually configured to warn before opening if a macro is detected in a document. These warnings should not be ignored as once a malicious macro runs it's pretty much too late to prevent the damage.
 
 

Add Feedback