About the only thing more frustrating and annoying than a ransomware attack that encrypts an organization’s data is discovering that the files that were backed up to replace those files have been encrypted as well. To help prevent that from happening, BackupAssist this week added a CryptoSafeGaurd capability to its backup and recovery software that prevents files that have been infected with malware from being backed up in the first place.
BackupAssist CEO Linus Chang says the company’s namesake data protection software can now scan for signs that source files have been tampered with. Once discovered, BackupAssist will then send a notification to the IT administrator to alert them to the suspicious nature of any file.
By not allowing a backup to proceed, Chang says, BackupAssist effectively preserves the last known good backup to acquire, thereby protecting the data any organization would need to recover from a ransomware attack without having to pay a ransom to gain access to encryption keys.
“You can think of it as an undo button,” says Chang.
Most of the damage being inflicted by ransomware doesn’t come in the form of payments made in digital currencies such as bitcoins. Most organization refuse to pay ransom on principle unless accessing a specific set of data is absolutely critical. The real damage to a business comes in the form of all the downtime experienced when trying to recover from a ransomware attack. Of course, if an organization can’t recover a pristine copy of its data in the first place, then like it or not, it may have no other option than coughing up a ransom. To paraphrase an old saying, however, fooled once and it’s shame on the cybercriminal. Fooled twice, however, is a whole other matter.