In the above story, Arran Brewery’s data was encrypted by ransomware and the attackers demanded a Bitcoin payment to unlock their data. Unfortunately Arran Brewery were using an online data backup system which was also within scope of the ransomware, so effectively they had no recent data backup. They did however have a 3 month old tape backup which they ultimately used to recover enough of their data to continue their business without paying the ransom.
Data backup choices
Here at OWA we provide UK based secure managed hosting services to our clients. Rather than pointing our clients to one of the major Cloud hosting providers, we believe that by offering UK based full managed hosting services ourselves allows us to offer a higher level of service overall to our clients. A key part of the service we offer is to ensure that our client’s data remains secure, both online and at rest.
We provide three separate levels of data backup to our clients:
- On a weekly basis we take a full copy of all of our Virtual Private Servers (VPS) and store these on separate hardware so they can be brought online if required.
- On a weekly basis we take a full copy of all the data which is stored on the Virtual Private Servers and store this on a separate storage array. We also take incremental backups on a daily basis onto the storage array.
- On a weekly basis we take a full copy of the data from each of the Virtual Private Servers and stored this in an encrypted format onto tape – which is then stored securely at an off site location.
For clients who need to ensure the minimum amount of downtime in the event of a hosting related issue we can also host backup copies of our client’s Virtual Private Server at our secondary data centre. The backup servers can be brought online quickly in the event of a major problem at our primary data centre.
In our experience users have an expectation that online services should be available 24 hours a day, 7 days a week and we aim to provide 100% uptime.
Why offline data backups are very important
In recent years users have been encouraged to move away from off line data backups to online backups. Without doubt online data backups are more convenient as users don’t need to worry about swapping media and having a safe secure place to keep it. We ourselves use online backups as our primary method for both full and incremental data backups.
Ransomware attacks are the biggest threat to organisations who rely purely on online backups as the only method of securing their data. As the Arran Brewery discovered, if the ransomware is well crafted then it will effectively encrypt everything it can access – which will include your online backups. Fortunately for Arran Brewery they did have an offline backup, but this was 3 months old. This was enough to allow them to continue trading, however for a lot of organisations losing the last 3 months of their data would have catastrophic consequences. We backup our client data to tape on a weekly basis and rotate the tapes on a 6 weekly cycle. Therefore in a worst case scenario we would lose 7 days of data, which is not good, but should be sufficient for organisations to recover from that point.
Although tape backups are not the most convenient method of backing up data, in our opinion they should still have a place in any organisations overall data backup procedures. As cyber attacks become more and more sophisticated organisations should look to protect themselves for the time when, and not if, they are the target. Having a clear data recovery plan in place which covers the eventuality that all online data storage and backups have been encrypted by criminals is essential.