Oct 26 2016

What’s a Better Defense Against Ransomware: Physical or Cloud Backups?

Data backup can protect you in a ransomware attack, but there are notable pros and cons to weigh when considering an on-premises or off-premises solution.

Ransomware attacks — in which criminals steal your data and then demand payment for its return — are on the rise, and cybersecurity experts are warning businesses to protect their data quickly.

At a recent ransomware workshop hosted by the Federal Trade Commission, FTC Chairwoman Edith Ramirez said, “Ransomware is among the most troubling cyberthreats.”

The Justice Department says there are now an average of 4,000 ransomware attacks a day. Craig Williams, senior technical leader and global outreach leader with Cisco Talos Security Intelligence and Research Group, says now that attackers can demand payments in the relatively untraceable Bitcoin currency, ransomware attacks have become an easy way for cybercriminals to make a lot of money. So how can you protect your business?

Backing up your data is one of the best lines of defense against a ransomware attack according to cybersecurity experts like Williams.

“The easiest way to fight ransomware is to simply back up your data,” he says. “Unfortunately, that’s not how most people operate. The whole reason people pay the ransom is because they don’t have that backup.”

But which is better: a physical data backup solution or a cloud-based solution?

Cloud Backup Versus Physical Backup

Williams says both are good options, but you have to look at what works best for your organization.

“The cloud is awfully handy because you can access it from anywhere, but the problem with cloud is that it’s slow,” he says. “If you have to restore an entire system or business from the cloud, that’s going to take a significant amount of time, resulting in more downtime for the business, which is going to cost the victim more money.”

But by itself, physically backing up data isn’t a bulletproof plan.

“If you opt to back up to a hard drive, when you’re done, unplug it,” says Williams. “Don’t leave it plugged in to your system where it’s at risk.”

Scott Moskalik, business technologies manager for Wowza Media Systems, says his company issues external hard drives to each of its 100 employees. Data is encrypted and backed up to the hard drives daily.

Cost is another issue to consider. Williams says backing up data to a local drive is costlier, but if you can afford it, this option provides more security and privacy.

“Cloud backup is fine as long as the data is not what you would consider sensitive. Obviously, you need to look at the privacy policies of the cloud provider,” explains Williams.

Be Prepared: The Ransomware Threat Is Real

Whatever you do, Williams urges organizations to take the threat of a ransomware attack seriously.

“These criminal organizations are making between 30 and 60 million dollars from one piece of ransomware. We’ve basically reached a time where these criminal organizations are at a funding level similar to state-sponsored malware,” he says.

Still not sure which type of backup — physical or cloud-based — is right for your business? Read through these pros and cons and decide which option best suits your needs.


Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT