The new rules of ransomware

Money and keys resting on a laptop representing ransomware

Ransomware has been a threat for some years now, but over the pandemic the dangers went into overdrive. According to threat hunting and intelligence firm Group-IB, ransomware attacks grew by 150% in 2020, with the average demand having risen to a whopping £120,000 ($170,000). Hybrid and remote working have brought a variety of benefits and changed the way many organisations operate for the better, from realigning work-life balances to allowing recruiters to draw from a broader talent pool not bounded by potential workers’ locations. But these new working models have also presented fresh opportunities for cyber criminals to leverage.

Employees in the office work on a network that is protected from the wider internet by a firewall, using systems provided by their company that have been locked down by systems administrators. A standard, tried-and-tested company security package will have been installed, and the IT department will have full control over the rollout of patches and updates that ensure any weaknesses discovered are removed as soon as possible.

But now that the COVID-19 pandemic has ushered in new dispersed-working models, some of these protections have evaporated. Cyber criminals realised this very early on in the pandemic and saw that COVID itself would provide a strong theme for phishing emails that play on our virus anxiety. Remote employees might use a corporate system at home, which could still be part of a software update regime, but it is clear that many others are still relying on their own home systems, and the unspecified level of protection they offer. Even if corporate security guidelines require the installation of security software and the use VPNs, employees may not do so on their own systems. They may not even know how.

Likewise, their internet connection will probably be domestic broadband delivered through a consumer-grade router. This may have a firewall built in, but the protective ability it provides will vary greatly and will also depend on the remote worker's ability to configure their router's firewall optimally. All these things make people who spend part or all of their time working from home particularly vulnerable to ransomware.

Preventative measures can only go so far and will never be as effective as what is possible with on-premises systems – which were not exactly impregnable. There have been many high-profile ransomware attacks on corporate networks, and probably many more that have gone unreported. Fortunately, companies can take steps to mitigate against the damage when a ransomware attack does occur, which can be applied to remote workers just as easily as in the office.

Safeguard with Synology Active Backup for Business

One of the strongest defences a company has against ransomware attacks is a consistent backup regime of all its systems. Again, for on-premise workers this is much easier to achieve than for remote workers. It is possible to implement cloud-based backup for remote workers, but the licensing and storage costs for this can rapidly become prohibitive for a large extended deployment of working from home, and even more so if employees use more than one device.

Instead, Synology's Active Backup for Business can provide backup for both physical and virtual environments. It can secure files, entire systems, and virtual machines, then rapidly restore them when required. Best of all, with compatible Synology Network Attached Storage devices, Active Backup for Business is completely free of licensing, so as many endpoints can be backed up as desired, as often as you like. This includes unlimited Windows endpoints, VMware and Hyper-V virtual machines, and file servers, with no additional cost per endpoint.

The regular, automated backup and rapid restore minimises downtime in the event of a cyber breach. This helps achieve business continuity for greater employee and customer peace of mind. It is particularly important when dealing with remote workers that setting up a backup regime be as painless and uncomplicated as possible. The light-touch approach to deployment implemented by Active Backup for Business entails just a few clicks to enable on a Synology NAS, after which it will begin working behind the scenes.

The value of Synology NAS storage

Ransomware has become increasingly sophisticated. The payload will often be introduced to infected systems up to a year before activation. This means that companies cannot just rely on having a few recent backups. It may be necessary to keep backups over an extended period of many months. So having a solid regime of regular incremental backups and archiving is essential. This will involve a greater amount of storage, but a Synology NAS will provide a very reasonable cost per gigabyte of storage. The efficient use of this storage via de-duping while achieving full data protection provides the best possible security for the capital outlay on capacity.

Backup is not just there to guard against ransomware. It is also there to protect data from the physical theft of the devices it is stored on. Although remote employees can keep their own systems backed up via a local Synology NAS, maintaining backups on the same physical site as the systems being backed up is another point of weakness. Synology Active Backup for Business can seamlessly create a secondary snapshot on another remote NAS held elsewhere, for additional protection.

Ransomware attacks can cause huge corporate destruction, and they are likely to remain frequent in the new post-COVID era of increased working from home. But by making a consistent data security regime using Synology Active Backup for Business an integral part of the corporate IT strategy, disaster recovery can become disaster avoidance. That way, companies can carry on working quickly even if a breach does occur, with minimal downtime.

Learn more about Synology Active Backup for Business


ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.

For regular updates delivered to your inbox and social feeds, be sure to sign up to our daily newsletter and follow on us LinkedIn and Twitter.