Monday, April 20, 2020

Word of the Day: ransomware recovery

 
Word of the Day WhatIs.com
Daily updates on the latest technology terms | April 20, 2020
ransomware recovery

Ransomware recovery is the process of resuming operations following a security exploit in which the attacker encrypts the victim's data and demands financial payment for the decryption key. According to a recent study by Proofpoint, about half of all ransomware targets in the U.S. end up paying the attacker's ransom request in order to recover their hijacked data as quickly as possible.

 

Fast recovery time is one of the most important aspects of ransomware recovery. Even if an organization refuses to pay a ransom because they know they can restore data from an unencrypted backup, the cost of downtime can result in lost revenue and reputational damage. When testing a ransomware recovery plan, it is important for administrators to schedule backups that run frequently; this will ensure that any data loss during the restore process will be acceptable.

 

Organizations that follow the 3-2-1 rule of backup are often in a good position to recover data in a timely manner after a ransomware attack without having to pay a ransom. This type of layered backup strategy ensures there are always three copies of recent data, on at least two different media types, with at least one copy air-gapped and stored offsite or offline.

 

In many ways, ransomware recovery is just a special type of disaster recovery (DR). To aid with recovery, network administrators should identify which workloads are most important to the survival of the business and make sure those workloads are safely backed up. To get the organization up and running as quickly as possible, administrators typically restore the most critical data and operations first, followed by less important workloads. Continue reading...

Today's Takeaway

 

"...Cybercriminals are programming ransomware to lie in wait, sometimes for as long as a few months, to ensure plenty of backups of the infected system have been created. This is done so when encryption does occur, recovering to a clean backup is nearly impossible, increasing the probability of a payout of the ransom." - Nick Cavalancia

Today's Buzzwords

 

island hopping attack
In this supply chain exploit, the attacker targets a weak downstream supplier to break into a stronger target's network.

cybersecurity insurance
It's the ultimate chicken and egg situation. When your insurance company pays a ransom, will that encourage more attacks?

Maze
Maze is a cybercriminal gang known for publicly listing its ransomware victims.

Quiz Yourself

 

This type of malware has a back door that gives the attacker administrative control over the target computer.

a. remote access Trojan (RAT)

b. remote keyless entry (RKE)
Answer

Stay in Touch

 

Thank you for reading! For feedback about any of our definitions or to suggest a new definition (or learning resource) please contact us at: editor@whatIs.com

FOLLOW US

TwitterRSS
About This E-Newsletter
The Word of the Day is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US.

Click to: Unsubscribe.

You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com.

© 2019 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners.

Privacy Policy | Partners List
TechTarget

No comments: