Stories
Slash Boxes
Comments

SoylentNews is people

Backups "No Longer Effective" for Stopping Ransomware Attacks

posted by martyb on Saturday February 26 2022, @03:16PM   Printer-friendly

upstart writes:

Backups 'no longer effective' for stopping ransomware attacks:

The growth of double extortion – and even triple extortion – ransomware attacks is in danger of rendering common, traditional methods of mitigating the impact of a ransomware hit, such as well-maintained backups, less efficacious, according to a report from machine identity specialist Venafi.

Data collated from Venafi's worldwide survey of IT and security decision-makers reveal that 83% of successful ransomware attacks now involve alternative extortion methods – for example, using stolen data to extort customers (38%), leaking data to the dark web (35%), and informing customers that their data has been compromised (32%). A mere 17% of attacks merely ask for money for a decryption key.

Venafi said that this means that because ransomware attacks now rely on data exfiltration, effective backup strategies are therefore to some extent "no longer effective" for containing a breach.

"Ransomware attacks have become much more dangerous. They have evolved beyond basic security defences and business continuity techniques like next-gen antivirus and backups," said Kevin Bocek, vice-president of business development and threat intelligence at Venafi.

Venafi also found that cyber criminals are increasingly following through on their threats whether or not they get paid. Indeed, 18% of victims had their data leaked despite paying, while more than the 16% who refused outright to pay anything and had their data leaked. Some 8% refused outright, but then had their customers extorted; and 35% paid, but were left hanging, unable to retrieve their data.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Backups "No Longer Effective" for Stopping Ransomware Attacks | Log In/Create an Account | Top | 35 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Insightful) by Anonymous Coward on Saturday February 26 2022, @04:43PM (2 children)

    by Anonymous Coward on Saturday February 26 2022, @04:43PM (#1225113)

    What this says, is that you need a different method of backing up. As in, the computers with the data aren't connected to the net and only the encrypted files are backed up. This has logistical issues as encrypted files can't be compressed and shouldn't be deduplicated.

    In other words a lot of sneakernet transfers and wasted storage space. As well as something like mirrored zfs with snapshots enabled.

    Starting Score:    0  points
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Total Score:   1  

  • (Score: 2, Informative) by Anonymous Coward on Saturday February 26 2022, @08:49PM (1 child)

    by Anonymous Coward on Saturday February 26 2022, @08:49PM (#1225169)

    You compress the files before encrypting

    • (Score: 0) by Anonymous Coward on Saturday February 26 2022, @10:19PM

      by Anonymous Coward on Saturday February 26 2022, @10:19PM (#1225193)

      It depends how you're storing the files. Compressing individual files may or may not be acceptable.