1
Hardware & Technology / Re: Let's talk Ransomware
« on: March 07, 2024, 09:09:28 AM »
Most businesses have backup of their systems. Most companies have never tried to restore a backup and have no idea if it is possible.
Most medium and large businesses have intrusion detection but most of them have no idea what to do when an intrusion is detected.
If you have got one computer which is infected with ransomware you can just restore it from a backup and move on. But if have a system of multiple internal and external services, restoring a backup will remove the ransomware but leave mess of out of sync systems. Think of credit card authorizations that are no longer registered, ERP orders and invoice are not registered correct.
There can be a lot of data missing from the last backup to the time you decide to restore, and it can be a huge task to figure out this mess. Banks have plans for this, but most other companies don’t.
The EU NIS2 directive is requiring companies to make plans for such events but most companies are still haven’t got a clue about what to do.
Most medium and large businesses have intrusion detection but most of them have no idea what to do when an intrusion is detected.
If you have got one computer which is infected with ransomware you can just restore it from a backup and move on. But if have a system of multiple internal and external services, restoring a backup will remove the ransomware but leave mess of out of sync systems. Think of credit card authorizations that are no longer registered, ERP orders and invoice are not registered correct.
There can be a lot of data missing from the last backup to the time you decide to restore, and it can be a huge task to figure out this mess. Banks have plans for this, but most other companies don’t.
The EU NIS2 directive is requiring companies to make plans for such events but most companies are still haven’t got a clue about what to do.