Word of the Day: ransomware recovery

Word of the Day: Daily updates on the latest technology terms

Word of the Day Daily updates on the latest technology terms | July 28, 2020 ransomware recovery Ransomware recovery is the process of resuming operations following a security exploit in which the attacker encrypts the victim's data and demands financial payment for the decryption key. According to a recent study by Proofpoint, about half of all ransomware targets in the U.S. end up paying the attacker's ransom request in order to recover their hijacked data as quickly as possible.   Fast recovery time is one of the most important aspects of ransomware recovery. Even if an organization refuses to pay a ransom because they know they can restore data from an unencrypted backup, the cost of downtime can result in lost revenue and reputational damage. When testing a ransomware recovery plan, it is important for administrators to schedule backups that run frequently; this will ensure that any data loss during the restore process will be acceptable.   Organizations that follow the 3-2-1 rule of backup are often in a good position to recover data in a timely manner after a ransomware attack without having to pay a ransom. This type of layered backup strategy ensures there are always three copies of recent data, on at least two different media types, with at least one copy air-gapped and stored offsite or offline.   In many ways, ransomware recovery is just a special type of disaster recovery (DR). To aid with recovery, network administrators should identify which workloads are most important to the survival of the business and make sure those workloads are safely backed up. To get the organization up and running as quickly as possible, administrators typically restore the most critical data and operations first, followed by less important workloads. Continue reading... Today's Takeaway "...Cybercriminals are programming ransomware to lie in wait, sometimes for as long as a few months, to ensure plenty of backups of the infected system have been created. This is done so when encryption does occur, recovering to a clean backup is nearly impossible, increasing the probability of a payout of the ransom." - Nick Cavalancia Related Terms You Should Know ransomware disaster recovery plan malware encryption encryption key 3-2-1 backup air gapping supply chain security remote desktop protocol ransomware as a service watering hole attack Today's Buzzwords island hopping attack In this supply chain exploit, the attacker targets a weak downstream supplier to break into a stronger target's network. cybersecurity insurance It's the ultimate chicken and egg situation. When your insurance company pays a ransom, will that encourage more attacks? Maze Maze is a cybercriminal gang known for publicly listing its ransomware victims. Quiz Yourself This type of malware has a back door that gives the attacker administrative control over the target computer. a. remote access Trojan (RAT) b. remote keyless entry (RKE) Answer Stay in Touch Thank you for reading! For feedback about any of our definitions or to suggest a new definition (or learning resource) please contact us at: editor@whatIs.com FOLLOW US About This E-Newsletter The Word of the Day is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US. Click to: Unsubscribe. You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com. © 2019 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners. Privacy Policy | Partners List