In Los Angeles, a hospital paid $17,000 to hackers to get its network restored.
In South Carolina, school officials coughed up $10,000 to restore its district-wide system.
In Arizona, the Yuma Sun newspaper refused to pay the $350 demanded by hackers – and barely was able to restore its network in time to get a daily paper produced.
These are just some of the recent incidents involving ransomware – a method by which outsiders can cripple a computer or entire system. Those who launch the attack say they’ll restore access once you pay them in Bitcoin (to avoid tracing the payment).
How a hybrid cloud addresses security concerns
While there are several steps organizations can take to prevent such attacks, one of the most effective ways of counteracting the threat is to use a hybrid cloud model, combining elements of on-premise and cloud systems.
The logic is simple: The attackers assume that if they have blocked your ability to access data stored on your system, you’re helpless until you fork over the payment. But if you have a backup that you can quickly tap into to retrieve all the files in limbo, the threat is moot.
Five ways the hybrid cloud guards against ransomware
Ransomware typically infects your system when someone opens an email attachment. If that computer is connected to a physical network (vs. a virtual one), it can quickly spread and take its toll.
It’s a different story when you’re using a hybrid cloud. Here are five reasons why it’s a better way to keep safe:
- Data security – You can store sensitive data internally, but access it externally through such secure access methods as VPN tunnels, authentication and encryption.
- Industry compliance – Cloud providers often make significant investments to ensure that their platforms comply with standards for regulated industries. You get the benefit with little of the cost.
- Disaster recovery – As we said, having backup in a separate cloud can allow for seamless disaster recovery and business continuity if you’re attacked.
- Network security – A good hybrid cloud service will have firewalls and other advanced security methods to block attacks before they reach data.
- Security control and management – Some hybrid cloud platforms allow you to carry your security policies between the public and private clouds to make security seamless between the two. You may also be given a set of role-based security controls to let your IT administrators tweak security settings as they wish.
Whatever method you pick to protect your system, don’t put it off. While ransomware has been around for a long time, it is a real and growing threat.
Ideally, you’ll be in a position like the leaders of the North Dorset District Council, a small government body in southwest England, that was recently attacked by ransomware hackers. Its IT department was able to quickly restore the system and the leaders told the hackers that their actions wouldn’t be rewarded:
“The council has not made, and will not make ransom payments in such circumstances. We are currently working with other public sector agencies, including the police, to identify the source.”