Ransomware has been a threat for some years now, but over the pandemic the dangers went into overdrive. According to threat hunting and intelligence firm Group-IB, ransomware attacks grew by 150% in 2020, with the average demand having risen to a whopping £120,000 ($170,000). Hybrid and remote working have brought a variety of benefits and changed the way many organisations operate for the better, from realigning work-life balances to allowing recruiters to draw from a broader talent pool not bounded by potential workers’ locations. But these new working models have also presented fresh opportunities for cyber criminals to leverage.
Employees in the office work on a network that is protected from the wider internet by a firewall, using systems provided by their company that have been locked down by systems administrators. A standard, tried-and-tested company security package will have been installed, and the IT department will have full control over the rollout of patches and updates that ensure any weaknesses discovered are removed as soon as possible.
But now that the COVID-19 pandemic has ushered in new dispersed-working models, some of these protections have evaporated. Cyber criminals realised this very early on in the pandemic and saw that COVID itself would provide a strong theme for phishing emails that play on our virus anxiety. Remote employees might use a corporate system at home, which could still be part of a software update regime, but it is clear that many others are still relying on their own home systems, and the unspecified level of protection they offer. Even if corporate security guidelines require the installation of security software and the use VPNs, employees may not do so on their own systems. They may not even know how.
Likewise, their internet connection will probably be domestic broadband delivered through a consumer-grade router. This may have a firewall built in, but the protective ability it provides will vary greatly and will also depend on the remote worker's ability to configure their router's firewall optimally. All these things make people who spend part or all of their time working from home particularly vulnerable to ransomware.
Preventative measures can only go so far and will never be as effective as what is possible with on-premises systems – which were not exactly impregnable. There have been many high-profile ransomware attacks on corporate networks, and probably many more that have gone unreported. Fortunately, companies can take steps to mitigate against the damage when a ransomware attack does occur, which can be applied to remote workers just as easily as in the office.
Safeguard with Synology Active Backup for Business
One of the strongest defences a company has against ransomware attacks is a consistent backup regime of all its systems. Again, for on-premise workers this is much easier to achieve than for remote workers. It is possible to implement cloud-based backup for remote workers, but the licensing and storage costs for this can rapidly become prohibitive for a large extended deployment of working from home, and even more so if employees use more than one device.
Instead, Synology's Active Backup for Business can provide backup for both physical and virtual environments. It can secure files, entire systems, and virtual machines, then rapidly restore them when required. Best of all, with compatible Synology Network Attached Storage devices, Active Backup for Business is completely free of licensing, so as many endpoints can be backed up as desired, as often as you like. This includes unlimited Windows endpoints, VMware and Hyper-V virtual machines, and file servers, with no additional cost per endpoint.
The regular, automated backup and rapid restore minimises downtime in the event of a cyber breach. This helps achieve business continuity for greater employee and customer peace of mind. It is particularly important when dealing with remote workers that setting up a backup regime be as painless and uncomplicated as possible. The light-touch approach to deployment implemented by Active Backup for Business entails just a few clicks to enable on a Synology NAS, after which it will begin working behind the scenes.
The value of Synology NAS storage
Ransomware has become increasingly sophisticated. The payload will often be introduced to infected systems up to a year before activation. This means that companies cannot just rely on having a few recent backups. It may be necessary to keep backups over an extended period of many months. So having a solid regime of regular incremental backups and archiving is essential. This will involve a greater amount of storage, but a Synology NAS will provide a very reasonable cost per gigabyte of storage. The efficient use of this storage via de-duping while achieving full data protection provides the best possible security for the capital outlay on capacity.
Backup is not just there to guard against ransomware. It is also there to protect data from the physical theft of the devices it is stored on. Although remote employees can keep their own systems backed up via a local Synology NAS, maintaining backups on the same physical site as the systems being backed up is another point of weakness. Synology Active Backup for Business can seamlessly create a secondary snapshot on another remote NAS held elsewhere, for additional protection.
Ransomware attacks can cause huge corporate destruction, and they are likely to remain frequent in the new post-COVID era of increased working from home. But by making a consistent data security regime using Synology Active Backup for Business an integral part of the corporate IT strategy, disaster recovery can become disaster avoidance. That way, companies can carry on working quickly even if a breach does occur, with minimal downtime.
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker groupNews An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabsNews An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operatorsNews A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attackNews A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?News The Scattered Spider group has been highly active in recent years
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
