The most pervasive wisdom about preventing damage from ransomware is to backup systems. FujiFilm and Colonial Pipeline in fact, restored from back-ups. So in an era of increased concern about ransomware, is solving the ransomware scourge as simple as investing in some backups?
“If it was that easy, [ransomware] just wouldn’t be an issue,” said Riley Stauffer, security and incident response analyst at managed detection and response firm Pondurance.
Indeed, recovering from ransomware can be tough. Backups can make it easier. But they can’t make it easy. Backups can be damaged, untested, prohibitively difficult to deploy, encrypted by attackers, or restore to the same breached state they backed up. They don’t rid hackers from systems. They don’t address secondary forms of disruption.