By now, you’ve undoubtedly heard the news. Last Friday, Texas became the latest addition to a very long list of US government targets victimized by ransomware. What makes this case stand out is the wide impact of the attacks, which targeted 23 different Texas municipalities in one coordinated sweep. But what’s all too familiar? The fact that the ensuing headaches, like those caused by many prior ransomware hits, could have been avoided with the adoption of existing tools that empower your organization’s data and systems to self-protect.
The Texas Case
In this latest bout, it appears attackers first infiltrated government systems using a common malware strain called the Trickbot trojan, likely through phishing emails or drive-by downloads. Once the trojan infects systems, it can be used to download and deploy ransomware – in this case, the relatively well-known Sodinokibi (REvil) strain. Recent reporting suggests the attackers may have spread the infection via a managed service provider (MSP) IT support software used by many of the affected municipalities.
An Innovative Solution Already Exists
Once hit by an attack, government leaders like those in Texas face a difficult decision – suffer costly downtime to fix or replace infected systems, losing troves of data as a result, or pay up. Ultimately though, this is a false choice.
With Acronis SCS Backup 12.5 in place, your organization can stop ransomware attacks in their tracks, before that choice becomes a necessity. But how? Our solution integrates the cyber protection industry’s first AI-powered, anti-ransomware defense into our backup software. Called Active Protection, this built-in module uses AI and machine learning to automatically detect, stop, and repair the damage from thousands of ransomware variants, including the Sodinokibi strain. And because it is behavior-based, the software stops zero-day attacks better than even the most up-to-date signature-based anti-virus solutions on the market.
Last year alone, Active Protection successfully thwarted 400,000 ransomware attacks. Best of all, it requires no extra effort from organizations that employ it. Just turn the feature on via an easy-to-use, web-based interface and schedule and run your backups as you normally would. Active Protection notifies IT staff once it detects abnormal behavior (like the beginnings of mass encryption of your data), stops and reverses the effects of that attack, and automatically adds the detected strain onto a blacklist. If it weren’t for that alert function, your organization would never have cause to know an attack had even been attempted – that’s how seamless the Active Protection response is.
Backup – Now and Often
Ultimately, Acronis SCS Backup 12.5, offers two lines of defense. Active Protection is the first. Second though, is the backup and recovery features themselves. The software can be configured to backup to both on-site premises and an off-site location, like the cloud – a critical feature for mitigating the effects of ransomware strains capable of encrypting locally stored backups. Should your organization suffer a breach (ransomware or otherwise) that compromises systems, data, or applications, simply restore any infected hardware or software from the latest backups.
Both experts and “white hat” hackers agree: having a reliable and resilient backup solution can save you from unnecessary downtime and ransom payments. And whether your organization is in the process of modernizing its IT infrastructure, operating in a hybrid environment with both legacy and newer systems, or lacks the safeguards of a zero trust internal security model, Acronis SCS Backup 12.5 is here to help.
So What’s the Hold Up?
In a cyber era where criminals with relatively low technical skills can build their own unique strain of ransomware designed to wreak havoc, it’s not a matter of if you will be attacked, but when.
Don’t let your organization be the next statistic. Learn from the mistakes of these 23 Texas communities… of Baltimore… of Atlanta… of the multiple Louisiana public school systems hit in July (the list goes on), and take charge of your cyber protection now – before it’s too late.