{"id":7242,"date":"2017-04-05T08:10:40","date_gmt":"2017-04-05T16:10:40","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/04\/05\/news-1033\/"},"modified":"2017-04-05T08:10:40","modified_gmt":"2017-04-05T16:10:40","slug":"news-1033","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/04\/05\/news-1033\/","title":{"rendered":"3, 2, 1, GO! Make backups of your data!"},"content":{"rendered":"<p><strong>Credit to Author: Jean Taggart| Date: Wed, 05 Apr 2017 15:00:06 +0000<\/strong><\/p>\n<p>With the recent proliferation of <a href=\"https:\/\/en.wikipedia.org\/wiki\/Ransomware\" target=\"_blank\">ransomware<\/a>, a type of malware that encrypts your data and holds it hostage until payment is received, what should be done to protect valuable data?<\/p>\n<p>One of the best defences against this threat is having a good backup\u00a0strategy. This\u00a0protects your data against all sorts of unpleasant mishaps. How frequently you make them, what you make them to, where they are stored, as well as deploying the automation\u00a0required to maintain said backup regimen is also crucial. We\u00a0should all be\u00a0familiar with making backups, but there is a useful rule of thumb\u00a0called\u00a0the &#8220;3-2-1 rule&#8221;.<\/p>\n<p>A\u00a0good backup regimen could mean the difference between\u00a0surviving a catastrophic event\u00a0such as ransomware or shutting down the business. Let&#8217;s use an example file called &#8220;Important_stuff.txt&#8221; to explain how this all\u00a0works.<\/p>\n<h3><\/h3>\n<h3>3 Different copies!<\/h3>\n<p>For an effective backup plan, you should have at least 3 different copies of this file. A good example would be:<\/p>\n<ul>\n<li>One on a workstation, stored locally for editing\u00a0or\u00a0on a local server, for ease of access.<\/li>\n<li>One stored on a cloud backup solution.<\/li>\n<li>One stored on a long-term storage such as a drive array, replicated offsite, or even\u00a0an old school tape drive.<\/li>\n<\/ul>\n<p>This diversity of backups is there to ensure your documents are available with added redundancy. If\u00a0the hard drive on your workstation fails, you have a backup on the server. Server down? The cloud copy is still an option.<\/p>\n<p>If the\u00a0ransomware did its thing while the server share\u00a0was mounted to your workstation, it might\u00a0also be encrypted. Here the cloud\u00a0copy would save the day.<\/p>\n<p>This is the reason why having 3 different copies is a good idea.<\/p>\n<p>&nbsp;<\/p>\n<h3>2 Different forms of media!<\/h3>\n<p>In the example given above, we had 3 copies of our file. The type of media this file is\u00a0saved to is also important. The hard drive of the workstation\u00a0and the external share\u00a0are the fundamentally the same, but the cloud storage\u00a0is different, as is the tape drive and the\u00a0disk.<\/p>\n<p>The different media rule most probably harkens back to the days of tape drive backups. If your backup regimen lacked diversity and consisted of only tape drives, it was vulnerable to a failure of the tape drive reader.<\/p>\n<p>This scenario is where the main hard drive fails and the tape drive reader ALSO fails. As tape drives were\u00a0a long-term storage option, it wouldn&#8217;t be uncommon for a new\u00a0tape drive reader to become hard to source. This means trying to find\u00a0a new or functioning reader could become difficult making your backups are inaccessible.<\/p>\n<p>The takeaway\u00a0is that media diversity is equally important. You could store &#8220;Important_stuff.txt&#8221; on multiple different media, just as long as all your eggs aren&#8217;t all in the same technological basket.<\/p>\n<p>Having a diversity of media helps reduce the chances that all possible avenues of recovery will be inaccessible through equipment failure.<\/p>\n<h4><\/h4>\n<h3>1 Copy stored offsite!<\/h3>\n<p>One copy of the backup should be stored offsite. If the head office\u00a0burns down, it won&#8217;t matter how many backups you had. In our example, storing &#8220;Important_stuff.txt&#8221; on a tape drive and having it in a safety deposit box at your bank would negate the &#8220;office-burning-down&#8221; scenario as well as the perfect storm of ransomware encrypting everything.<\/p>\n<p>Offsite copies\u00a0will help mitigate a localized event.<\/p>\n<p>&nbsp;<\/p>\n<h3>A word on security.<\/h3>\n<p>You should make all best efforts to secure these backups. For\u00a0an attacker, &#8220;Important_stuff.txt&#8221; is\u00a0something that is immediately identified as a high-value item. Remember that if you store your backup in the cloud, the stuarts of this cloud could have access to them. Portable drives are, well&#8230; portable, and by this I mean they can be portable in someone else&#8217;s pocket!<\/p>\n<ul>\n<li>Use strong passwords on that offsite cloud service. Select cloud backup solutions that are zero-knowledge. (The stuarts of the cloud don&#8217;t have access to your data in unencrypted form!)<\/li>\n<li>Encrypt the data backed up to external solutions.<\/li>\n<li>Store these backups in a safe place, preferably under lock and key.<\/li>\n<\/ul>\n<p>The examples above where encryption is used are how it\u00a0is beneficial, as opposed to how it is used by ransomware authors.<\/p>\n<p>&nbsp;<\/p>\n<h3>Good automation and discipline!<\/h3>\n<p>The single greatest obstacle to a proper 3-2-1 backup regimen is the discipline required to maintain it. A good way to mitigate this is to automate the backup process. The backing up of\u00a0&#8220;Important_stuff.txt&#8221; should be\u00a0transparent to its owner.<\/p>\n<p>Having\u00a0backups gives you the option to deny ransomware authors\u00a0by choosing the painful option and restoring\u00a0from backups&#8230;<\/p>\n<p>You could also install our\u00a0<a href=\"https:\/\/www.malwarebytes.com\/business\/\" target=\"_blank\">product<\/a>\u00a0to mitigate ransomware attacks.\u00a0(This should not be thought of as a replacement for a good backup strategy!)<\/p>\n<p>&nbsp;<\/p>\n<h3>Payment must be the absolute last resort.<\/h3>\n<p><span style=\"text-decoration: underline\">Any option other than paying the cybercriminals for a decryption key is preferable.<\/span>\u00a0This is why when we see news reports\u00a0recommending paying the ransom we collectively shake our heads. Encouraging familiarity with the Bitcoin ecosystem isn&#8217;t bad at all. Crypto-currencies are fascinating. Having some stored on hand for a quick payment, however, implies a fundamental failure.<\/p>\n<p>Remember, when you pay the bad guys, you reinforce the viability of these types of attacks. You are teaching them\u00a0that ransomware works.<\/p>\n<p>&nbsp;<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/04\/3-2-1-go-make-backups-of-your-data-draft\/\">3, 2, 1, GO! Make backups of your data!<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/04\/3-2-1-go-make-backups-of-your-data-draft\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Jean Taggart| Date: Wed, 05 Apr 2017 15:00:06 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/101\/2017\/04\/3-2-1-go-make-backups-of-your-data-draft\/' title='3, 2, 1, GO! Make backups of your data!'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2016\/06\/photodune-5797840-backup-m.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>One of the best defenses against ransomware is having a good backup strategy. Having good backups protects your data against all sorts of unpleasant mishaps. A useful rule of thumb called the &#8220;3-2-1 rule&#8221;, learn about it here.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/101\/\" rel=\"category tag\">101<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/101\/how-tos\/\" rel=\"category tag\">How-tos<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/backups\/\" rel=\"tag\">backups<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cybersecurity\/\" rel=\"tag\">cybersecurity<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ransomware\/\" rel=\"tag\">ransomware<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/101\/2017\/04\/3-2-1-go-make-backups-of-your-data-draft\/' title='3, 2, 1, GO! Make backups of your data!'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/04\/3-2-1-go-make-backups-of-your-data-draft\/\">3, 2, 1, GO! Make backups of your data!<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[10519,11885,4500,11171,3765],"class_list":["post-7242","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-10519","tag-backups","tag-cybersecurity","tag-how-tos","tag-ransomware"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7242","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7242"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7242\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7242"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7242"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7242"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}