Don’t Wanna Pay The Bad Guys Ransom? Pay More Attention To Your Backups

Back in February 2021, we posted an article titled “Paying A Ransome - Don’t Make The Same Mistake twice”. In that article, we showed you how one organization fell victim and paid the same bad guys twice. Had they done their homework, they might have prevented the second breach and paying the ransom twice.

This new article discusses some common backup scenarios of a victim organization and what you can do to better prepare. You will also learn how important it is for your organization to be proactive by thinking outside the box and paying more attention to your backups’ situation.

Bill Siegel, CEO and co-founder of [Coveware], a company that negotiates ransomware payments for victims, said most companies that pay either don’t have properly configured backups or they haven’t tested their resiliency or the ability to recover their backups against the ransomware scenario.

The first question one should ask is - Does your organization have any type of contingency plan in place in case of a breach? Experts say the biggest reason ransomware targets and/or their insurance providers still pay when they already have reliable backups is that nobody at the victim organization bothered to test in advance how long this data restoration process might take.

Be proactive - It is recommended that your organizations need to both test your backups and develop a plan for prioritizing the restoration of critical systems needed to rebuild your network. Don’t wait until after something happen to do what you should have done in the first place in order to protect your organization.

Please don’t say “I could have” or “I would have” done this or that. Be proactive and have a sound backup plan in place. Learn more here.

And the original article is detailed in this blog post from NCSC - it’s important to treat the cause, not just the symptoms: The Rise of Ransomware